Infrastructure-Level
Protection to Ensure Critical Communications
Supported
by NSF 0649950, $198K, Project Period, 09/2006 to 08/2008.
The availability of critical services and
systems such as water and power control systems becomes an extraordinary urgent
and important issue, as we see more and sophisticated cyber attacks aiming at
disrupting these critical services and systems. In this project, we will address
this fundamental issue and investigate strong protection schemes for critical
communications on the nations information infrastructure. We will examine the
limitations of the current mechanisms and the main challenges in addressing
these problems. As the first step to address these issues, we focus on
bandwidth flood attacks and propose a bandwidth reservation framework at the
infrastructure level to assure the service quality of critical communications
under flood attacks.
The current Internet does not provide hard
guarantees for mission critical communications. Although quality-of-service
(QoS) has been extensively examined in the past decade and many QoS schemes have
been proposed, we have not seen a practical QoS solution broadly deployed on
the Internet, espec
To address this issue, we will develop a
security framework that provides infrastructure-level protection for the communications
of mission-critical systems by incorporating secure bandwidth reservation and
management with Trusted-Computing (TC) platforms. We will emphasize the
following research issues: (1) We will examine the
limitations of current approaches, and present a promising practical framework
to address these limitations. (2) We will investigate and design secure
highly-available mechanisms and algorithms to assure the service quality for
critical systems, which support provable guarantees for critical systems
against den
People
Yingfei Dong
Xiaojiang Liu
Jiang Li