Corporate Intranet Security: Packet-Level Protocols for Preventing Leakage of Sensitive Information and Assuring Authorized Network Traffic

Abstract

Securing large corporate communication networks has become an increasingly difficult task. Sensitive information routinely leaves the company network boundaries and falls into the hands of unauthorized users. New techniques are required in order to classify packets based on user identity in addition to the traditional source and destination host addresses. This paper introduces Gaussian cryptographic techniques and protocols to assist network administrators in the complex task of identifying the originators of data packets on a network and more easily policing their behavior. The paper provides numerical examples that illustrate certain basic ideas.

B. S. Verkhovsky and R. D. Rubino, "Corporate Intranet Security: Packet-Level Protocols for Preventing Leakage of Sensitive Information and Assuring Authorized Network Traffic," International Journal of Communications, Network and System Sciences, Vol. 5 No. 5, 2012, pp. 245-252. doi: 10.4236/ijcns.2012.55033.

Conflicts of Interest

The authors declare no conflicts of interest.

Copyright © 2024 by authors and Scientific Research Publishing Inc.

This work and the related PDF file are licensed under a Creative Commons Attribution 4.0 International License.