加入收藏夹
联系我们
关于本站
个人主页
西电导航
西安电子科技大学
    当前位置:首页>>学术讲座
Cooperative Security for 5G and the Internet
时间:2018-05-31 11:36    点击:   所属单位:通信工程学院
讲座名称 Cooperative Security for 5G and the Internet
讲座时间 2018-06-05 14:30:00
讲座地点 北校区新科技楼1012会议室
讲座人 Prof. Raimo Kantola
讲座人介绍 Raimo Kantola is a professor of Networking Technology at Aalto, Dept. of Communications and Networking. After some 15 years at Nokia Switching Systems in R&D, Product Marketing and Research in positions from SW designer to Department Head, Kantola joined TKK in 1996 as a pro tem professor and was tenured in 2005. His recent research is in the area of trust management and cooperative security for the Internet and 5G. At the moment the work is done in the contexts of 5G, Software Defined Networking and the Industrial Internet.
讲座内容 The prevailing attitude in current Internet security is “everyone for himself”. Sharing of knowledge in these matters is fragmented and poorly developed. In cooperative security, good guys form trust domains share evidence of misbehaviour and try to defend against the attackers with joint efforts. The cooperation is automated using suitable protocols and other systems. To help the cooperation, an ISP or any other customer network operator/admin has an important role in aggregating and processing evidence and sharing the results with others. In our implementation of the concept we use Customer Edge Switching (CES) which is still a research concept. When used, hosts are behind CES nodes that are generalised NATs and cooperative firewalls that form a chain of trust on a required level of trust from host-to-firewall to firewall-to-host. All flows are admitted based on a policy match at both ends of the communication path. Policies are per user/host. Upon detection of misbehaviour, a CES node can immediately delegate the restraining responsibility of the malicious or suspected host to the remote edge. The hypothesis is that the security engine is generic for most use cases but that the security can be tailored by modifying the policy management system to the use case such as Mobile Broadband or Industrial Internet. Besides the constructive work, we have looked at the motivation to cooperate  as well as the adoption of trust management in a wide area context using game theory. We propose to use the CES concept first to defend ultra-reliable services in 5G against all attacks. The implementation follows SDN principles, so firewalling capacity is largely taken from the cloud. Customer Edge switching allows deployment one network at a time. For this purpose, it includes a Realm Gateway (RGW) which combines a destination side NAT (DNAT) with a DNS leaf node and admits dynamically flows from legacy Internet hosts to hosts in a private address space (such as a smart phone in Mobile network).  Besides SDN, the implementation heavily relies on Linux capabilities.
Compared to the state of the art, CES adapts the Internet to the era when majority of the end devices are wireless and battery powered. It also provides a step-wise improvement of security by offering several automatic means of attack mitigation.
转载请注明出处:西安电子科技大学学术信息网
如果您有学术信息或学术动态,欢迎投稿。我们将在第一时间确认并收录,投稿邮箱: meeting@xidian.edu.cn
Copyright © 2011-2019 西安电子科技大学 
开发维护:电子工程学院网络信息中心  管理员:meeting@xidian.edu.cn 站长统计: