While a variety of mechanisms have been developed for securing individual intra-domain protocols, none address the issue in a holistic manner. In this work, we develop a unified framework to secure prominent networking protocols within a single domain. We begin with a secure version of the DHCP protocol, which has the additional feature of providing each host with a certificate. We then leverage these certificates to secure ARP, prevent spoofing within the domain, and secure SSH and VPN connections between the domain and hosts which have previously interacted with it locally. In doing so, we also develop an incrementally deployable public key infrastructure which can later be leveraged to support inter-domain authentication.
Page accessed 1239
times, last modified on April 17, 2008. This page uses valid W3C HTML and CSS markup.
