中文网站
  Advanced Search
Read the latest Blogs from IT professionals in the field. Read and write community created documents. Need IT help? Ask our staff. Connect with your peers. Check our Tech Shop for posters, books and software tools. Home
HomeInfobaseNetworkingWAN

ATM Network Security: Solutions, Technologies and Specifications

Asynchronous Transfer Mode (ATM) network usually has less security exposures than TCP/IP network because it is often used as the backbone with fiber cables as the media for private or semi-private communications. The costly for attackers to break into the ATM network is higher. However, there are still many vulnerabilities in the ATM network, such as information sniffing, ATM based spoofing, denial of service attack, ATM Switch Attach, ILMI attack, virtual circuits hijacking and traffic analysis. ATM security risks exist at each plane in the ATM Reference Model. For the ATM user plane, access control, authentication, data confidentiality and integrity are the main concerns. At the ATM Control plane, authentication of signal and data integrity are the main concern. At the ATM Management plane, Bootstrapping security, authenticated neighbor discovery, the Interim Local Management Interface security and permanent virtual circuit security should be considered.

Solutions to the ATM Security Issues

Secure ATMARP Services

This will reduce the risk of ATM based spoofing, ILMI based attacks, Denial of Service attacks. The protection of the ATMARP service requires three steps:

  • Configuration of the ATMARP server on one node in the LIS
  • Configuration of static ARP entries for each known node in the LIS
  • Auditing of all ATMARP queries coming from hosts that were not configured with a static ARP entry.

Integration of ATM Switch and a Firewall: A firewall in an ATM network needs to integrate the ATM switch to prevent denial of service, spoofing, connection hijacking and other attacks from succeeding. An access control list should be integrated into the firewall to filter out possible attacks.

ATM Forum Security Specifications

The ATM Forum, an organization define ATM standards, has issued a few documents defining the security framework, requirements and implementation specifications. The current version of the ATM Forum security specification is version 1.1 which is followed by a few addendums. The following table illustrate ATM Security Scope as specified in the ATM Security Specification 1.1:

Bandwidth Allocation

Bandwidth Allocation

Related Terms: ATM security, Virtual Circuit, ATMARP, ATM Based Spoofing, ILMI Attack, Denial of Service, Information Sniffing, ATM Switch Attack

Reference Links: http://www.atmforum.com/standards/approved.html: ATM Security Specifications

‹ Networking WANupLayer 3 IP VPN: Internet Protocol Virtual Private Network ›