ERCIM News No.37 - April 1999
ATM Security Aspects
by Petia Todorova and Hartmut Brandt
Due to the increased usage of ATM (Asynchronous Transfer Mode) for broadband backbones in local area and wide area networks and the introduction of public ATM networks, existing security concepts and protection mechanisms have to be revised. This article gives an overview of some aspects which are currently being studied at GMD Institute for Open Communication Systems.
Today ATM is used, on the one hand, to provide bandwidth for high quality multimedia applications (ATM to the desk) and, on the other hand, to serve as a backbone for local and wide area IP (Internet Protocol) networks. With the advent of signalled public ATM networks it is now possible for companies with local networks and telephone systems in different locations to integrate voice and data communication and to connect their local systems through the public ATM network. The complexity of ATM and the variety of protocols and approaches involved carry the danger of bypassing traditional protection mechanisms and expose the networks to new threats.
ATM to the desk
High quality multimedia applications like video conferencing and video retrieval demand very high bandwidth and quality guarantees from the network. ATM fulfils these requirements, but makes it necessary to use native ATM applications, that is, applications that build directly on ATM and ATM signalling. Connecting these systems to a public switched ATM network (without which video conferencing is of little use) opens them to threats from third parties. Malicious attackers are able to establish connections to the local ATM systems to gain access to sensitive information or to mount denial-of-service attacks. They may also monitor and analyse traffic at intermediate nodes.
The ATM Forum, one of the major ATM standardisation bodies, is currently proposing an entire set of security mechanisms for ATM. These mechanisms require changes in switch software and are partly based on hardware (for encryption and checksumming). For this reason these features will probably not become available from the major ATM vendors in the near future.
The main use of ATM in private companies is as a high-speed backbone for IP networks. Companies which have facilities in different locations may need to interconnect their local networks through the public network (see figure). With the advent of public switched ATM networks it is now possible to connect local CLIP (Classical IP over ATM), LANE (LAN emulation) or MPOA (Multiprotocol over ATM) islands more economically than by leased lines. Routing can be optimised and bandwidth resources need not be pre-allocated.
Connecting a local IP network to a public ATM backbone introduces an entire set of new threats to the IP network. Traditional layer-3 protection mechanisms (IP firewalls) can be bypassed by attackers. Additionally, the inherent complexity of the ATM protocols makes it hard to predict possible threats. For example, a direct ATM connection can be established to a CLIP client if its ATM address is known. Because such a connection bypasses any IP firewall, other mechanisms are needed to prevent these kinds of attacks.
The ATM security studies performed in the Center of Competence for Advanced Network Technologies and Systems (CATS) at GMD Institute for Open Communication Systems indicate that traditional IP security mechanisms do not apply to ATM networks. A long-term solution is the implementation of the ATM Forum security standard; a short-term solution is the implementation of an ATM firewall, which is currently under way. Important topics for future work include the implementation of user plane authentication, data integrity, and security audit and alarm reporting functions.
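As an added illustration (not code from the article or from the CATS project), the following shows the kind of signalling-level policy an ATM firewall can apply to an incoming SETUP request before any IP traffic is carried: it parses the 20-byte NSAP-format ATM addresses of the calling and called parties and applies a default-deny rule keyed on the calling party's 13-byte network prefix. The addresses and the allow-list policy are constructed assumptions.

```python
# Added example: default-deny prefix policy for ATM SETUP requests.
from dataclasses import dataclass

# NSAP-format ATM End System Address layout (20 bytes):
#   byte 0       AFI (0x39 DCC, 0x47 ICD, 0x45 E.164)
#   bytes 1-12   IDI + HO-DSP; with the AFI these form the 13-byte network prefix
#   bytes 13-18  ESI, the end system identifier (typically a MAC address)
#   byte 19      SEL, the selector that picks a service on the end system
PREFIX_LEN = 13
KNOWN_AFI = {0x39, 0x47, 0x45}


@dataclass(frozen=True)
class AtmAddress:
    raw: bytes

    @classmethod
    def parse(cls, text: str) -> "AtmAddress":
        # Accept dotted ("47.0005.80ff...") or plain hex; separators are ignored.
        raw = bytes.fromhex(text.replace(".", "").replace(":", ""))
        if len(raw) != 20:
            raise ValueError(f"ATM address must be 20 bytes, got {len(raw)}")
        if raw[0] not in KNOWN_AFI:
            raise ValueError(f"unknown AFI 0x{raw[0]:02x}")
        return cls(raw)

    @property
    def prefix(self) -> bytes:
        return self.raw[:PREFIX_LEN]

    @property
    def esi(self) -> bytes:
        return self.raw[PREFIX_LEN:PREFIX_LEN + 6]

    @property
    def selector(self) -> int:
        return self.raw[19]


def check_setup(calling: str, called: str, allowed_prefixes: set[bytes]) -> tuple[bool, str]:
    """Decide whether a SETUP from `calling` to `called` may pass. Default deny."""
    try:
        src, dst = AtmAddress.parse(calling), AtmAddress.parse(called)
    except ValueError as err:
        # A malformed address is rejected rather than passed through unchecked.
        return False, f"malformed address: {err}"
    if src.prefix == dst.prefix:
        return True, "intra-site call"
    if src.prefix in allowed_prefixes:
        return True, "calling prefix on allow list"
    return False, "calling prefix not permitted for direct ATM calls"
```

A real ATM firewall would evaluate this on the signalling channel (the UNI SETUP message) so that a rejected caller never obtains a virtual circuit to the CLIP client at all.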
For more information on CATS, see http://www.fokus.gmd.de/research/cc/cats
Petia Todorova - GMD
Tel: +49 30 3463 7251
Hartmut Brandt - GMD
Tel: +49 30 3463 7352