• 主题
高级搜索  >
历史搜索 清空历史
首页> 外文会议>2016 IFIP Networking Conference and Workshops >Securing the Private Realm Gateway
【24h】

Securing the Private Realm Gateway

机译:保护私有领域网关

获取原文
获取原文并翻译 | 示例
页面导航
  • 摘要
  • 著录项
  • 相似文献
  • 相关主题

摘要

The traditional mechanisms to traverse Network Address Translators (NAT) do not scale well to battery powered mobile-hosts: the majority of Internet users today. Private Realm Gateway (PRGW) aims to replace NATs at network edges and overcome the drawbacks of the NAT traversal mechanisms. The solution does not require changes in end-hosts or protocols, and hosts in the private realm can remain globally reachable without polling. PRGW handles incoming connections based on domain resolution of the served hosts. Incoming DNS queries create connection state in PRGW for subsequent packet forwarding. The connection state provides means for access control on the Internet-originated flows. This paper analyses the security of PRGW and introduces mechanisms that protect the served hosts and networks against Internet-borne attacks, in particular: address spoofing and Distributed Denial of Service (DDoS). The paper contributes to establish PRGW as an incrementally deployable network function that offers light-weight NAT traversal and protects the private realm against the inherent Internet threats.
机译:遍历网络地址转换器(NAT)的传统机制无法很好地适应电池供电的移动主机:当今的大多数Internet用户。专用域网关(PRGW)旨在替换网络边缘的NAT,并克服NAT穿越机制的缺点。该解决方案不需要更改最终主机或协议,并且私有域中的主机可以保持全局可访问性而无需轮询。 PRGW根据所服务主机的域解析来处理传入连接。传入的DNS查询在PRGW中创建连接状态以用于后续的数据包转发。连接状态提供了对源自Internet的流进行访问控制的手段。本文分析了PRGW的安全性,并介绍了保护服务的主机和网络免受Internet传播的攻击的机制,特别是:地址欺骗和分布式拒绝服务(DDoS)。本文有助于将PRGW建立为可增量部署的网络功能,从而提供轻量级NAT遍历并保护私有领域免受固有的Internet威胁。

著录项

相似文献

  • 外文文献
  • 中文文献
  • 专利
获取原文

客服邮箱:kefu@zhangqiaokeyan.com

京公网安备:11010802029741号 ICP备案号:京ICP备15016152号-6 六维联合信息科技 (北京) 有限公司©版权所有

  • 客服微信

  • 服务号