Layer 2 security inter-layering in networks

Altunbasak, Hayriye Celebi

Layer 2 security inter-layering in networks

Files

altunbasak_hayriye_c_200612_phd.pdf (540.55 KB)

Author(s)

Altunbasak, Hayriye Celebi

Advisor(s)

Owen, Henry L., III

Associated Organization(s)

Organizational Unit

School of Electrical and Computer Engineering

Organizational Unit

College of Engineering

Abstract

An architectural framework is proposed to secure the data link layer (Layer 2) in Internet protocol (IP) over Ethernet networks. In this architecture, a new security inter-layering concept, incorporating cryptographic Layer 2 identities, is introduced. Instead of traditional media access control (MAC) addresses, secure and flexible data link layer identifiers are utilized to securely bind Layer 2 and upper layers. In addition, to create security parameters and negotiate identifiers at the data link layer, a key establishment protocol is presented. Moreover, this architecture incorporates the IEEE 802.1AE standard (MACsec) and uses a key hierarchy similar to the IEEE 802.11i standard for future compatibility of wired and wireless networks. Finally, we provide a security analysis of the new data link layer security architecture.

Date

2006-11-20

Extent

553522 bytes

Resource Type

Text

Resource Subtype

Dissertation

Full item page