14th Annual Computer Security Applications Conference
December 7-11, 1998
Phoenix, Arizona


Security Services For ATM Networks

Rajan Shankaran, Vijay Varadharajan, and Michael Hitchens

Asynchronous Transfer Mode (ATM) is seen to be a technology that allows flexibility, efficiency and manageable bandwidth on demand to be achieved in high-speed networks. ATM is able to support a variety of applications including voice, video, image and data with different quality of service requirements. This paper addresses the design and implementation of security services and mechanisms in ATM networks. The paper examines the various design options for the placement of security services within the ATM protocol reference model and considers their advantages and disadvantages. The option of placing the security layer between the AAL and the ATM layer is selected, and the design of security services such as confidentiality, integrity and data origin authentication in the user plane is described. The paper then presents an authentication scheme and key establishment protocol. This protocol is integrated with the existing ATM signaling protocols as part of the call setup procedures in the control plane. Then the paper considers the design of public key management protocols between ATM nodes and a Certification Authority for initializing, retrieving and distributing public key certificates. Finally, the paper considers the design of an access control service for ATM networks and discusses the issues involved in the provision of access control mechanisms at both the connection setup phase and the user data transfer phase.