- 著者
- Wataru Ohgai Takao Kondo Korry Luke Satoshi Kai Keisuke Uehara Satoru Tezuka
- 雑誌
- 研究報告コンピュータセキュリティ(CSEC) (ISSN:21888655)
- 巻号頁・発行日
- vol.2022-CSEC-96, no.16, pp.1-8, 2022-03-03
The TLS security model enables the identification and secrecy of the host-to-host communication channel on the Web; however, TLS cannot guarantee the relationship between service providers. This paper proposes a lightweight self-managed mutual declaration mechanism, M2DMRT, in which service providers mutually sign their TLS public keys and publish them in DNSSEC-protected DNS zones. With M2DMRT, service providers can mutually declare their relationships with each other, and end users can easily trust the relationships by verifying the signatures. Further, this paper implemented a server-side proof of concept. After evaluating its basic performance and feasibility from an Internet architecture perspective, this paper found this mechanism can realize more trustable Web security architecture by providing a sufficiently performant way to declare and verify relationships between service providers without significantly impacting the current Internet environment.
- 著者
- Kotaro KATAOKA Keisuke UEHARA Masafumi OE Jun MURAI
- 出版者
- The Institute of Electronics, Information and Communication Engineers
- 雑誌
- IEICE TRANSACTIONS on Communications (ISSN:09168516)
- 巻号頁・発行日
- vol.E95-B, no.7, pp.2200-2209, 2012-07-01
In disaster sites of 2011 Tohoku Earthquake, digital communication was virtually unavailable due to the serious damage to the existing Internet and ICT resources. Thus there were urgent demands for recovering the Internet connectivity and first aid communication tools. This paper describes the design and deployment of networking systems that provide Internet connectivity using 3G mobile links or VSAT satellite links. In this paper we examine two approaches for post-disaster networking: quickly deployable package and on-demand networking. Based on a comparison of their characteristics and deployment experiences, this paper tries to extract lessons that contribute to improving the preparedness to another disaster. This paper also shares our significant operational experience acquired through supporting a maximum of 54 sites in Tohoku area including evacuation shelters, temporary hospitals and local government offices.
- 著者
- Hajime Tazaki Rodney Van Meter Ryuji Wakikawa Keisuke Uehara Jun Murai
- 出版者
- Information Processing Society of Japan
- 雑誌
- Journal of Information Processing (ISSN:18826652)
- 巻号頁・発行日
- vol.19, pp.118-128, 2011 (Released:2011-03-09)
- 参考文献数
- 26
MANET for NEMO (MANEMO) is a new type of network that integrates multi-hop mobile wireless networks with global connectivity provided by Network Mobility (NEMO). Two factors limit the scalability of MANEMO: the volatility of topologically correct global addresses, and excessive traffic load caused by inefficient use of nested tunnels and the consequent redundant routing of packets. We propose NAT-MANEMO, which solves both problems by applying NAT for some mobile router addresses, bypassing tunnel nesting. This approach retains global addresses for mobile end nodes, preserving application transparency, and requires only minimal modification to existing specifications. Our ideas are evaluated using simulation and a proof of concept implementation. The simulation shows the additional signaling overhead for the route optimization introduced by our proposal is negligible compare to the bandwidth of an IEEE 802.11 link. The implementation confirms that route optimization reduces latency and improves throughput.