A Unified Approach to Intra-Domain Security
Source: Indiana University
While a variety of mechanisms have been developed for securing individual intra-domain protocols, none address the issue in a holistic manner. The authors develop a unified framework to secure prominent networking protocols within a single domain. They begin with a secure version of the DHCP protocol, which has the additional feature of providing each host with a certificate. They then leverage these certificates to secure ARP, prevent spoofing within the domain, and secure SSH and VPN connections between the domain and hosts which have previously interacted with it locally. In doing so, they also develop an incrementally deployable public key infrastructure which can later be leveraged to support inter-domain authentication.