TISSEC
2002

Trust management for IPsec

IPsec is the standard suite of protocols for network-layer confidentiality and authentication of Internet traffic. The IPsec protocols, however, do not address the policies for how protected traffic should be handled at security endpoints. This paper introduces an efficient policy management scheme for IPsec, based on the principles of trust management. A compliance check is added to the IPsec architecture that tests packet filters proposed when new security associations are created for conformance with the local security policy, based on credentials presented by the peer host. Security policies and credentials can be quite sophisticated (and specified in the trust-management language), while still allowing very efficient packet-filtering for the actual IPsec traffic. We present a practical, portable implementation of this design, based on the KeyNote trust-management language, that works with a variety of Unix-based IPsec implementations.
Matt Blaze, John Ioannidis, Angelos D. Keromytis
Added 23 Dec 2010
Updated 23 Dec 2010
Type Journal
Year 2002
Where TISSEC
Authors Matt Blaze, John Ioannidis, Angelos D. Keromytis