The Journal of the Korea institute of electronic communication sciences (한국전자통신학회논문지)

Korea Institute of Electronic Communication Science (한국전자통신학회)
권호 표지
DOI QR코드

DOI QR Code

The case study to verify of a network based on router applying an ACL(: Access List)

ACL(: Access list)이 적용된 라우터 기반 네트워크의 검증 사례연구

  • Received : 2016.05.09
  • Accepted : 2016.05.24
  • Published : 2016.05.31
Download PDF
⟨ Previous Next ⟩

Abstract

An ACL(: Access List), a list that determines network access, is used for the security of the network. An ACL if applied to a interface of router can filter particular packets. Also it can block or allow the access of certain unauthorized IPs or ports, based on the source address, destination address, and TCP/UDP port. This paper presents a simulation case to verify the effect of a router-based network applying Standard ACL or Extended ACL. The network was created through designing topology and then making a common virtual network using a Packet Tracer.

ACL(: Access List)은 네트워크의 접근 허용 여부를 정해놓은 목록으로 주로 네트워크의 보안을 위해 사용한다. 라우터 인터페이스에 적용함으로써 특정 패킷을 필터링하고 출발지 주소, 목적지 주소, TCP/UDP 포트 등을 기반으로 허가되지 않은 특정 IP 혹은 포트를 지정하여 차단하거나 허용한다. 본 논문에서는 표준 ACL과 확장 ACL이 적용된 라우터 기반의 네트워크를 설계하기 위해 토폴로지를 설계한 후 패킷 트레이서를 이용하여 공통 가상 망을 구현한 다음 시뮬레이션을 통해서 결과를 검증할 수 있는 네트워크의 효율적인 구현사례를 제시하였다.

Keywords

References

  1. G. Jin, CISCO Networking, vol. 2, Seoul, Korea, Sung An Dang, March 2011, pp. 132.
  2. D. Eck, "Access Control Lists to Protect a Network from Worm/DoS Attacks,"GSEC(:GIAC(:Global Information Assurance Certification) Security Essentials Certification) Practical Assignment, ver. 1.4, Option 1, Dec 4, 2003, pp. 1-22.
  3. R. Tolani, "Better Security through Access-List Management," Global Knowledge Training LLC(:Limited Liability Company), Jan. 2007, pp. 1-8.
  4. N. Navato, "Easy Steps to Cisco Extended Access List," GSEC(:GIAC(:Global Information Assurance Certification) Security Essentials Certification) Practical Assignment, ver. 1.2e, June 2001, pp. 1-10.
  5. S. Kaushik, A. Tomar, and Poonam, "Access Control List Implementation in a Private Network," International Journal of Information & Computation Technology. vol. 4, no. 14, 2014, pp. 1361-1366.
  6. K. Kim and S. Park, "Access-Control List research on the impact on performance MPLS GE," Conf. of the Korea Information Processing Society, Seoul, Korea, vol. 12, no. 1, May 2005, pp. 1397-1400.
  7. N. Kim, "The case study for verification of ACL(Access List)," Conf. of the Korea Institute of Electronic Communication Sciences, Sokcho, Korea, vol. 9, no. 2, Nov. 2015, pp. 164-167.
  8. W. Seo and M. Jun, "A Study on Security Hole Attack According to the Establishment of Policies to Limit Particular IP Area," J. of The Korea Institute of Electronic Communication Sciences, vol. 5, no. 6, Dec. 2010, pp. 625-630.
  9. C. Lee, "A Study on MD5 Security Routing based on MANET," J. of the Korea Institute of Electronic Communication Sciences, vol. 7, no. 4, Aug. 2012, pp. 797-803.
  10. C. Lee, "A Routing Security Authentication using S-EKE in MANET Environments," J. of the Korea Institute of Electronic Communication Sciences, vol. 9, no. 11, Apr. 2014, pp. 433-438. https://doi.org/10.13067/JKIECS.2014.9.4.433