The impact of security service selection for LANs

Abstract

IEEE 802 has defined a Local Area Network (LAN) architecture that contains a Logical Link Control (LLC) and a Media Access Control (MAC) protocol layer. Within this architecture, IEEE 802.10 is attempting to define protocols and interfaces that provide security. The authors of this paper submitted a protocol that implemented a specific set of security services and was placed between the LLC and MAC layers. This paper explains why the placement between the two layers was preferred to the placement being above LLC or within the LLC or MAC layers. It describes the security services that can be obtained by different placements, but then describes the reasons that between the MAC and the LLC was deemed the best option. While this paper specifically addresses the IEEE 802 architecture, it contains trade-offs that can be applied to any security architecture involving both connection and connectionless services.