Performance-aware security of unicast communication in hybrid satellite networks (original) (raw)
Related papers
International Journal of Satellite Communications and Networking, 2013
Applications that use the reliable Transmission Control Protocol (TCP) have a significant degradation over satellite links. This degradation is mainly a consequence of the congestion control algorithm used by standard TCP, which is not suitable for overcoming the impairments of satellite networks. To alleviate this problem, two TCP PEPs (Performance-Enhancing Proxies) can be deployed at the edges of the satellite segment. Then, these PEPs can use different mechanisms such as snooping, spoofing and splitting to achieve a better TCP performance. In general, these mechanisms require the manipulation of the IP and TCP headers which generates a problem when deploying the standard IPsec security protocol. The security services that IPsec offers (encryption and/or authentication) are based on the cryptographic protection of IP datagrams, including the corresponding IP and TCP headers. As a consequence, these cryptographic protections of IPsec conflict with the mechanisms that PEPs use to enhance the TCP performance in the satellite link. In this article, we detail which are the reasons that cause this conflict, and we propose three different approaches to deploy IPsec in a scenario with TCP PEPs. Our proposals provide different trade-offs between security and TCP performance in some typical scenarios that use satellite networks.
Network security and performance evaluation of ML-IPSec over satellite networks
The peculiar characteristics of the satellite links affect performance of the TCP protocol, largely used by most of the Internet applications. Then, to achieve good performance TCP Performance Enhancing Proxy mechanisms are often used. In principle, a TCP PEP mechanism accelerates TCP transfers requiring access to TCP headers in intermediate nodes. As a drawback, this conflicts with IPsec, which requires end to end semantic be respected. ML-IPsec has been identified as a suitable trade-off solution which can mitigate such a conflict. This paper addresses security issues for satellite systems highlighting the need to guarantee both security and performance. Finally, performance of different security schemes, carried out through simulations, are shown.
A Security Architecture for a Satellite Network Transport Architecture
This paper presents the security architecture designed for SaNTA (Satellite Networks Transport Architecture). SaNTA is an architecture designed for accelerating TCP connections through satellite links. It uses a split architecture to overcome problems in the TCP congestion control mechanism when using satellite links. However, such split architecture cannot easily interoperate with secure communication protocols, that use a end-to-end paradigm. In this paper we present a security architecture for SaNTA using state-of-the-art security solutions: IPSec and SSL/TLS, as well as packet-filtering firewalls and NAT gateway mechanisms. This security architecture allows SaNTA to deal properly with end-to-end secure communication protocols, though not accelerating them, and to properly protect all traffic managed by SaNTA. â€
E2E KEEP: End to End Key Exchange and Encryption Protocol for Accelerated Satellite Networks
Int'l J. of Communications, Network and System Sciences, 2012
Accelerating methods are used to enhance TCP performance over satellite links by employing Performance Enhancement Proxies (PEPs). However, providing a secure connection through the PEPs seems to be impossible. In this paper an appropriate method is proposed in order to provide an accelerated secure E2E connection. We show an efficient secure three-party protocol, based on public key infrastructure (PKI), which provides security against spiteful adversaries. Our construction is based on applying asymmetric cryptography techniques to the original IKE protocol. Security protocols use cryptography to set up private communication channels on an insecure network. Many protocols contain flaws, and because security goals are seldom specified in detail, we cannot be certain what constitute a flaw. Proofing security properties is essential for the development of secure protocol. We give a logic analysis of the proposed protocol with the BAN-logic and discuss the security of the protocol. The result indicates that the protocol is correct and satisfies the security requirements of Internet key exchange. Based on the results of this preliminary analysis, we have implemented a prototype of our security protocol and evaluated its performance and checked safety properties of security protocol, and the results show that the protocol is robust and safe against major security threats.
LIFT: a Local IPSec-aware Freezing Protocol to improve TCP Performance in Satellite Networks
Journal of Communications Software and Systems, 2017
In this paper a protocol, local to the satellite link, is defined in order to boost TCP performance in mobile integrated wired-satellite Internet. It has been conceived to help to overcome the well known retransmissions competition problem that arises when a satellite reliable link layer protocol is used to face satellite link errors. This protocol, called Local IPSec-aware Freezing proTocol (LIFT), has been designed to allow the satellite gateway, even in the presence of communications secured by IPSec, to freeze the TCP sender when it perceives a possible delay due to satellite channel conditions. The effectiveness of LIFT has been evaluated, using the ns-2 tool, in terms of Web page download mean time for a satellite mobile host. Simulation results have shown that the adoption of LIFT protocol provides substantial improvements in TCP performance.
Security issues in hybrid satellite networks
2004
Satellites are expected to play an increasingly important role in providing broadband Internet services over long distances in an efficient manner. Future networks will be hybrid in nature -having terrestrial nodes interconnected by satellite links. Security is an important concern in such networks, since the satellite segment is susceptible to a host of attacks including eavesdropping, session hijacking and data corruption. In this paper we address the issue of securing communication in satellite networks. We describe the different kinds of hybrid network topologies considered for deployment. We discuss various security attacks that are possible in these networks, and survey the different solutions proposed to secure communications in the hybrid networks. We point out important drawbacks in the various proposed solutions, and suggest a hierarchical approach to add security to the hybrid networks.
SatIPSec: an optimized solution for securing multicast and unicast satellite transmissions
2004
In satellite networks, the security of data exchanged on the satellite segment is threatened by many types of attacks such as eavesdropping, intrusion of unauthorized satellite terminals, satellite terminal cloning… The integration of security mechanisms is therefore considered today as an essential requirement. Some existing solutions may be recommended, however they do not offer all the necessary security services. For instance, the optional security mechanisms defined in the DVB-RCS standard provide insufficient security support, especially in satellite networks with natural broadcast/multicast capability over large areas. The use of well-known upper layers security protocols such as SSL (Secure Socket Layer) or IPSec/IKE can be considered too, but they are dedicated to unicast communications. The SatIPSec solution has been designed to provide an optimized and adapted security solution for satellite networks. It offers a new way of transparently and efficiently securing unicast and multicast satellite transmissions, with a strong access control, data confidentiality, data integrity, and data authentication as security services. SatIPSec has recently been implemented in a demonstrator developed in the context of the SATIP6 IST project. In this implementation, which allows to manage centrally secure multicast groups and Virtual Private Networks, key distribution is achieved according to the "Flat Multicast Key Exchange" protocol of SatIPSec, and data are encrypted and authenticated according to the IPSec protocol adapted to multicast. This paper introduces the principles of the security mechanisms involved in SatIPSec, and presents the features of the implementation and its results.