Learn More
— The TCP/IP suite, the basis for today's Inter-net, lacks even the most basic mechanisms of authentication. As usage of the Internet increases, its scarcity of built-in security becomes more and more problematic. This paper describes serious attacks against IP control and management protocols with an accent on the ICMP protocol, as well as some of the(More)
Status of this Memo This document specifies an Internet standards track protocol for the Internet community, and requests discussion and suggestions for improvements. Please refer to the current edition of the "Internet Official Protocol Standards" (STD 1) for the standardization state and status of this protocol. Distribution of this memo is unlimited.(More)
Embedding user subscription time into cryptographic key generation and assignment for hierarchical access control has raised tremendous interest among researchers and practitioners in multicast, broadcast, and secure group communication fields. During the subscription period, a user of a higher class can compute the (time-bound) keys of his/her own class(More)
Storage Area Networks, with their ability to offer high data availability, reliability and scalability, are a promising solution for the large scale storage needs of many enterprises. As with any distributed storage system, a major design challenge for a Storage Area Network (SAN) is to provide data integrity and confidentiality. In this paper, we propose a(More)
—This paper presents Lcast, a scalable network-layer single-source multicast framework. Lcast builds a router overlay for inter-domain content distribution and interfaces with intra-domain multicast for seamless interaction with end-hosts. The architecture is built as an extension of the Locator/ID Separation Protocol (LISP), a proposed scalable Internet(More)
This paper analyzes the problem of secure document management and distribution in an open network environment. Reader and author authentication, document i n tegrity, origin, and privacy are addressed by a public-key based solution which exploits a combination of the PEM format with SSL-enhanced FTP and HTTP servers and clients. The solution is being(More)
Even though the theory behind digital signatures is fully understood and the related cryptographic methods have proved the efficiency in deploying security services, concrete application of digital signature to real electronic documents is still hindered by the lack of standards. In particular, we lack standards for the format of the data to be signed, the(More)
This paper describes the experience in securing distributed applications gained in the Demostene project, funded by the Italian National Research Council (CNR). The project aimed to provide security for distributed systems in the heterogeneous environments found in the information systems of the Italian Public Administration. The work was based on the(More)
1. Introduction Computer networks offer significant business opportunities but greatly increase the risk of exposing the system to security breaches that can make it unreliable and/or unusable and can make its services unavailable. In fact, in interconnected systems the information traverses continuously untrusted gateway and crosses potentially malicious(More)