Asynchronous Transfer Mode (ATM) has emerged as the most promising technology in supporting future broadband multimedia communication services. To accelerate the deployment of ATM technology, the ATM forum, which is a consortium of service providers and equipment vendors in the communication industries, has been created to develop implementation and specification agreements. In this article, we present a brief overview on ATM protocol layers and current progress on LAN Emulation and Traffic Management in the ATM forum.

It is clear that Asychronous Transfer Mode (ATM) technology will play a central role in the evolution of current workgroup, campus and enterprise networks. ATM delivers important advantages over existing LAN and WAN technologies, including the promise of scalable bandwidths at unprecedented price and performance points and Quality of Service (QoS) guarantees, which facilitate new classes of applications such as multimedia.

Security issues relevant to communications across Asynchronous Transfer Mode (ATM) based public networks are considered, with particular attention paid to the needs of defence users. A security architecture based on a defence submission to an ATM standards committee is sketched out, and traffic analysis and covert channel threats and countermeasures discussed.

Since ATM has been the object of much hyperbole as “the” or even “the one-and-only” future network technology, it is tempting to summarize some of the open issues and, more importantly, principal limitations of the technology. Surprisingly, there has been little published in the technology literature concerning the demerits and problems of ATM. Some of the problem areas are shared with its two older siblings: X.25 and ISDN (Q.931) signalling. In the following, we summarize some of the issues that may interfere with widespread deployment, ease of high-speed implementation or present architectural concerns. Due to the limited space, the arguments are by necessity abbreviated, omitting the necessary qualifiers, counter arguments. Hopefully, these will be added at the workshop.

This contribution identifies security scope and requirements in ATM networks. It first discusses general network security services and identifies the security service required in ATM. It then considers three scenarios: the end-to-end case (securing ATM connections between the ATM endpoints), the edge-to-edge case (securing the part of a connection crossing a public network), and the endpoint-to-switch case (securing ATM connection between and ATM endpoint and a switch). It further elaborates on the issue of authenticated (and other security related) signalling treated in previous contributions and suggests a clear separation between the authentication needed at the ATM level on one side and the higher-level (end-user) authentication needed by network and service providers on the other side. Finally, it is suggested how to include different levels of authentication information in ATM signalling messages.

In this paper we identify and address the challenges unique to providing a secure ATM network. We analyse the network environment and consider the correct placement of security mechanisms, with particular attention to data transfer protection, in such an environment. We then introduce and describe a key agile cryptographic device for ATM networks. We present the techniques to provide data confidentiality, synchronisation, dynamic key change, dynamic initialisation vector change, data integrity and replay ’ protection on ATM data transfer. Finally, we discuss the corresponding control functions for setting up such a secure channel. We examine the impact of key exchange protocols on the design of ATM signalling protocols. Our efforts in providing novel security services in ATM signalling systems has also been presented.

High-speed networking technology and standards have progressed dramatically in the past few years and much attention is now focused on deployment efforts, such as the North Carolina Information Highway (NCIH) [7], and applications. With this shift in emphasis, concerns have been raised about information security. Examples of abuse of the Internet abound and unfortunately ATM networks are subject to many of these same abuses. This is of substantial concern when thinking about extending the reach of public data networking to broad segments of society.

A national study of corporate security directors was conducted to examine their experiences with computer crime. using established survey research methods, the authors assessed the extent of victimization, the character of computer crimes, who the perpetrators were, the introduction of viruses, unauthorized access to computer files, harassment via computers, destruction of virtual property, telecommunications fraud via computers, and computer security conter measures. The results showed the 98.5

Current investigations into computer intrusions usually focus on individual systems and geographically localized incidents. However, in reality, many intrusions are interrelated and international in scope. To better protect systems, intrusions must be understood in their proper context; not in the isolated focus of a single incident. Key to a global understanding of these threats is classifying the various motives of individuals and groups involved. When incidents are investigated in their global context, it is possible to analyze the dynamics and patterns of interrelated incidents previously misunderstood or ignored. This paper will summarize the author’s investigations of international intrusions during the last eight years to present a classification model of attributes and motives displayed by intruders, and explain common patterns of activities. Finally, current technical trends are considered in order to understand potential future risks.

Although computer intrusions have exsisted from the moment of the Internet’s birth, until recently system administrators either did not consider them to be a serious problem or were totally ignoring them. Unfortunately, hiding their heads in the sand did not make intrusions disapper; rather, it gave the intruders time to create more and more sophisticated attack tools, making the countermeasures necessary to block the attacks a very high tech, time and monetary consuming activity. This paper is an attempt to summarize the techniques used to detect and successfully defeat attacks launched by the intruders equipped with the modern intrusion kits in high availablility environments such as the communication carriers.

In view of the increasing threat of unauthorized intrusions into Department of Defense computer systems, you asked us to report on the extent to which Defense computer systems are being attacked, the actual and potential damage to its information and systems, and the challenges Defense is facing in securing sensitive information. This report identifies opportunities and makes recommendations to the Secretary of Defense to improve Defense’s efforts to counter attacks on its computer systems.

This document discusses many of the security-related elementes of AIX 4.1. It is directed toward a reader who is a system administrator for one or more AIX systems, although much of the material may be useful to AIX users. Recommendations and suggestions for installation and day-to-day administration are included. Specialized topics, including DCE and NIS, are not discussed. Basic UNIX knowledge is assumed.

The Handbook is presented as a set of methods and procedures in checklist form which higlight the steps necessary to institute and maintain a more secure environment. It also provides procedures used to detect inconsistencies within the system, which may indicate breaches of security.

This guide describes the tasks and considerations associated with managing system security in an ULTRIX environment.