Computer Laboratory

Technical reports

Securing ATM networks

Shaw-Cheng Chuang

January 1995, 30 pages


This is an interim report on the investigations into securing Asynchronous Transfer Mode (ATM) networks. We look at the challenge in providing such a secure ATM network and identify the important issues in achieving such goal. In this paper, we discuss the issues and problems involved and outline some techniques to solving these problems. The network environment is first examined and we also consider the correct placement of security mechanism in such an environment. Following the analysis of the security requirement, we introduce and describe a key agile cryptographic device for ATM. The protection of the ATM data plane is extremely important to provide data confidentiality and data integrity. Techniques in providing synchronisation, dynamic key change, dynamic initialisation vector change and Message Authentication Code on ATM data, are also being considered. Next, we discuss the corresponding control functions. A few key exchange protocols are given as possible candidates for the establishment of the session key. The impact of such key exchange protocols on the design of an ATM signalling protocol has also been examined and security extension to an existing signalling protocol being discussed. We also talk about securing other control plane functions such as NNI routing, Inter-Domain Policy Routing, authorisation and auditing, firewall and intrusion detection, Byzantine robustness. Management plane functions are also being looked at, with discussions on bootstrapping, authenticated neighbour discovery, ILMI Security, PVC security, VPI security and ATM Forum management model.

Full text

PS (0.2 MB)

BibTeX record

  author =	 {Chuang, Shaw-Cheng},
  title = 	 {{Securing ATM networks}},
  year = 	 1995,
  month = 	 jan,
  url = 	 {},
  institution =  {University of Cambridge, Computer Laboratory},
  number = 	 {UCAM-CL-TR-384}