Reducing the Impact of DoS Attacks on Endpoint IP Security

Touch, Joseph D.; YANG, Y.-M.

doi:10.1109/npsec.2006.320340

Cited by 2 publications

(1 citation statement)

References 16 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…DRUID's use of repeated dynamic decisions allows policy and authorization to be considered at all layers of the system once implemented at any layer. This also makes it easier to support reactive security, where costly (e.g., computationally intensive) mechanisms can be activated on-demand at the strength needed [57], and where faulty mechanisms can be replaced at many layers in one operation.…”

Section: Discussionmentioning

confidence: 99%

A Dynamic Recursive Unified Internet Design (DRUID)

Touch¹,

Baldin

Dutta

et al. 2011

Computer Networks

View full text Add to dashboard Cite

a b s t r a c tThe Dynamic Recursive Unified Internet Design (DRUID) is a future Internet design that unifies overlay networks with conventional layered network architectures. DRUID is based on the fundamental concept of recursion, enabling a simple and direct network architecture that unifies the data, control, management, and security aspects of the current Internet, leading to a more trustworthy network. DRUID's architecture is based on a single recursive block that can adapt to support a variety of communication functions, including parameterized mechanisms for hard/soft state, flow and congestion control, sequence control, fragmentation and reassembly, compression, encryption, and error recovery. This recursion is guided by the structure of a graph of translation tables that help compartmentalize the scope of various functions and identifier spaces, while relating these spaces for resource discovery, resolution, and routing. The graph also organizes persistent state that coordinates behavior between individual data events (e.g., coordinating packets as a connection), among different associations (e.g., between connections), as well as helping optimize the recursive discovery process through caching, and supporting prefetching and distributed pre-coordination. This paper describes the DRUID architecture composed of these three parts (recursive block, translation tables, persistent state), and highlights its goals and benefits, including unifying the data, control, management, and security planes currently considered orthogonal aspects of network architecture.

show abstract

Section: Discussionmentioning

confidence: 99%