An Alternative Access Control Architecture for IP Over ATM Networks

  • Olivier Paul
  • Maryline Laurent
Part of the IFIP — The International Federation for Information Processing book series (IFIPAICT, volume 23)


In this article, we describe a new architecture providing the access control service in both ATM and IP-over-ATM networks. This architecture is based on management agents distributed in network equipment. Several examples are given illustrating the benefits of this architecture. The comparison with other approaches shows that this architecture provides big improvements in ATM-level access control, scalability and QoS preservation.


Access Control Management Security ATM Agents MIBs IP-over-ATM. 


  1. [7498-2]
    ISO 7498–2:1989, Information processing systems - Open Systems Interconnection - Basic Reference Model - Part 2: Security Architecture, ISO, 1989.Google Scholar
  2. [Atom98]
    Definitions of Supplemental Managed Objects for ATM Management, Faye Ly, Michael Noto, Andrew Smith, Kaj Tesink, Internet Draft. March 1998.Google Scholar
  3. [Ba98]
    Basking in Glory-SNMPv3, Dan Backman, Network Computing, August 1998.Google Scholar
  4. [Da98]
    An FPGA-Based Coprocessor for ATM Firewalls, J. McHenry, P. Dowd, F. Pellegrino, T. Carrozzi, W. Cocks, in proceedings of IEEE FCCM97, April 1997.Google Scholar
  5. [Data97]
    Firewalls: Dont Get Burned, David Newman, Helen Holzbaur, and Kathleen Bishop, Data Communications, March 1997.Google Scholar
  6. [JA98]
    ATM Net Management: Missing Pieces, Joe Abusamra, Data Communications, May 1998.Google Scholar
  7. [Kl981]
    Firewall Shootout Test Final Report, Keylabs,Networld+Interop98, May 1998.Google Scholar
  8. [Kar98]
    Integrated Access Control Management, Günter Karjoth. In Lecture Notes in Computer Sciences, 1995.Google Scholar
  9. [PN98]
    Où trouver l’information de contrôle d’accès dans les réseaux ATM. Olivier Paul, Maryline Laurent, Technical report. ENST de Bretagne. September 1998.Google Scholar
  10. [PLg98]
    Manageable parameters to improve access control in ATM networks, Olivier Paul, Maryline Laurent, Sylvain Gombault, Proceedings of the 5th HP-OVUA Workshop, April 1998.Google Scholar
  11. [PN98]
    Insertion, evasion, and denial of service: eluding network intrusion detection, T. Ptacek, T. Newsham, Technical report, Secure Network, January 1998.Google Scholar
  12. [Ran92]
    A network firewall, M. Ranum, Proc. World Conference on System Administration and security, 1992.Google Scholar
  13. [RFC2012]
    RFC2012] : SNMPv2 Management Information Base for the Transmission Control Protocol using SMIv2, RFC 2012, K. McCloghrie, November 1996.Google Scholar
  14. [RFC2233]
    SNMPv2 Management Information Base for the User Datagram Protocol using SMIv2, RFC 2013, K. McCloghrie, November 1996.Google Scholar
  15. [RFC2233]
    The Interfaces Group MIB using SMIv2, RFC 2233, K. McCloghrie, F. Kastenholz, November 1997.Google Scholar
  16. [RFC2287]
    Definitions of System-Level Managed Objects for Applications, RFC 2287, C. Krupczak, J. Saperia, February 1998.Google Scholar
  17. [Schu98]
    On the modeling , design and implementation of firewall technology, Christoph Schuba, Ph.D. Thesis, Purdue University, December 1997.Google Scholar
  18. [SEC1.0]
    ATM Security Specification Version 1.0, The ATM Forum Technical Committee. July 1998.Google Scholar
  19. SKM97] : System Security Management via SNMP, F. Stamatelopoulos, G. Koutepas, B. Maglaris, Proceedings of the 4th HPOVUA workshop. April 1997.Google Scholar
  20. [Sta93]
    SNMP, SNMPv2 and CMIP, The pratical guide to network management Standards. William Stallings. Addison-Wesley. 1993.Google Scholar
  21. [ T11395]
    Détection d’intrusions dans les réseaux de communication, K. Tibourtine, Ph.D. Thesis. Université de Paris Sud. February 1995.Google Scholar
  22. [XS97]
    Design of a High-Performance ATM Firewall, J. Xu, M. Singhal, Technical report, The Ohio State University, 1997.Google Scholar

Copyright information

© Springer Science+Business Media Dordrecht 1999

Authors and Affiliations

  • Olivier Paul
    • 1
  • Maryline Laurent
    • 1
  1. 1.RSM DepartmentENST de BretagneCesson-SévignéFrance

Personalised recommendations