Use of IKEv2 in the Fibre Channel Security Association Management Protocol
نویسندگان
چکیده
This document describes the use of IKEv2 to negotiate security protocols and transforms for Fibre Channel as part of the Fibre Channel Security Association Management Protocol. This usage requires that IKEv2 be extended with Fibre-Channel-specific security protocols, transforms, and name types. This document specifies these IKEv2 extensions and allocates identifiers for them. Using new IKEv2 identifiers for Fibre Channel security protocols avoids any possible confusion between IKEv2 negotiation for IP networks and IKEv2 negotiation for Fibre Channel.
منابع مشابه
Automated Analysis of Internet Key Exchange Protocol v2 for Denial of Service Attacks
The Denial of service (DoS) and Distributed Denial of Service (DDoS) attacks are aimed at maliciously consuming the available resources in computing systems to prevent genuine users from legitimately accessing them. These attacks can easily interrupt or disable targeted systems, so it is important for the system to detect and filter bogus connection requests as early as possible. Many common pr...
متن کاملInternet Key Exchange (IKEv2) Protocol
This document describes version 2 of the Internet Key Exchange (IKE) protocol. IKE is a component of IPsec used for performing mutual authentication and establishing and maintaining security associations. This version of the IKE specification combines the contents of what IKEv2 draft-ietf-ipsec-ikev2-15.txt [Page 1] Internet-Draft August 13, 2004 were previously separate documents, including IS...
متن کاملCGA as alternative security credentials with IKEv2: implementation and analysis
Internet Protocol security (IPsec) is a protocol suite enabling secure IP communications by authentication and/or encryption. Internet Key Exchange version 2 (IKEv2) mechanism is recommended to configure dynamically IPsec between IP nodes and the authentication of each peer is usually based on either pre-shared keys, X.509 certificates or Extensible Authentication Protocol (EAP). However, these...
متن کاملVerified Contributive Channel Bindings for Compound Authentication
Compound authentication protocols, such as EAP in IKEv2 or SASL over TLS, bind application-level authentication to a transport-level authenticated channel in order to obtain strong composite authentication under weak trust assumptions. Despite their wide deployment, these protocols remain poorly understood, leading to several credential forwarding man-in-themiddle attacks. We present formal mod...
متن کاملTransport Layer Security (TLS) Implementation for Secured MN- HA Communication in Mobile IPv6
Mobile IPv6 usually use the IPsec/IKEv2 to secure Mobile Node (MN) and Home Agent (HA) communication. The implementation of IPsec/IKEv2 with MIPv6 is complex because it requires a tight coupling between MIPv6 protocol part and the IPsec/IKEv2 part of the IP stack. This paper proposes a security mechanism which uses Transport Layer Security (TLS) for establishing Keying Material and other bootst...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید
ثبت ناماگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید
ورودعنوان ژورنال:
- RFC
دوره 4595 شماره
صفحات -
تاریخ انتشار 2006