Internet unite-and-conquer architecture

Kamyab Karimi

Back

Thesis

Open access

Internet unite-and-conquer architecture

Kamyab Karimi

Washington State University

Master of Science (MS), Washington State University

2012

Handle:

https://hdl.handle.net/2376/103109

Files and links (1)

pdf

k_karimi_0706121.06 MBDownload View

Open Access

Abstract

Computer network architectures.;Computer networks--Security measures.;Public key infrastructure (Computer security)

This thesis presents UnC (Unite and Conquer), a network architecture for the Internet that provides a self-certifying mechanism to reliably distribute, retrieve, and authenticate the public keys across the Internet. UnC may be used in parallel with the existing Public Key Infrastructure (PKI) ecosystem to provide an additional validation step for certificates offered by the PKI model. Leveraging the properties of the Internet infrastructure combined with cooperation from other hosts that act as notaries, UnC attests to the stability of certificates in time and space. By uniting notaries, UnC overwhelms and outnumbers attackers, and it uses this unity to conquer attack plots. Unlike existing proposals aimed to incorporate accountability into the Internet, UnC does not require external certificate hierarchies or certificate authorities to manage digital certificates. UnC can also be integrated in the Secure DNS (DNSSEC) protocols as well as the Secure BGP (S-BGP) protocol to eliminate the need for external key structures while protecting bindings between the entities and their IP addresses, and the integrity of the routing tables between Autonomous Systems. This thesis describes the UnC architecture in detail, including the actions of each different kind of participant. It describes how UnC deals with well-known attack models, which are readily available on the Internet. The major contribution of this thesis is to open up a new door for the research community where the overwhelming majority of well-intended nodes is used to enhance the security of the PKI ecosystem and the Internet.

Metrics

8 File views/ downloads

9 Record Views

Details

Title: Internet unite-and-conquer architecture
Creators: Kamyab Karimi
Contributors: Carl H. Hauser (Degree Supervisor)
Awarding Institution: Washington State University
Academic Unit: Electrical Engineering and Computer Science, School of
Theses and Dissertations: Master of Science (MS), Washington State University
Publisher: Washington State University; Pullman, Wash. :
Identifiers: 99900525274501842
Language: English
Resource Type: Thesis