Previous: Securing 'Classical IP over ATM Networks'
Up: Securing 'Classical IP over ATM Networks'
Next: 2 Attacks on ``Classical IP over ATM Networks''


1 Introduction

The trend towards ATM networks requires a re-examination of network security issues. ATM is based on the concepts of switched virtual connections and fixed-length cells; this contrasts with the connectionless, shared medium, broadcast networks frequently referred to as ``legacy networks''. These conceptual differences required the development of new protocols like `Integrated Local Management Interface' (ILMI) [14] and `Private Network-Network Interface' (P-NNI) [15]. These specifications have not yet been subjected to a thorough security analysis.

To make the use of IP in ATM networks possible, additional services, such as the ATMARP server, had to be introduced. This also introduced new risks, which must be investigated before ``Classical IP over ATM networks'' can be used in critical environments.

Typically, cryptography is used in networks to provide authentication, integrity, and confidentiality. Integration of cryptographic mechanisms into ATM networks is currently a research topic [7,16], but none of these mechanisms have been standardized.

We provide solutions for most identified security problems. Other security flaws can be mitigated. Many improvements are possible by manual configuration of ATM hardware and changes to the behaviour of the ATMARP server. Thus there is no need to provide proprietary protocol extensions, and security can be achieved within the current standards for IP over ATM. Moreover, the solutions do not require additions to current switch capabilities like cryptographic authentication for signaling.



Carsten Benecke, Uwe Ellermann / DFN-FWL