A 10 Giga VPN Accelerator Board for Trust Channel Security System
Authors
Abstract
This paper proposes a VPN Accelerator Board (VPN-AB), a virtual private network (VPN) protocol designed for the trust channel security system (TCSS). TCSS supports a safe communication channel between security nodes on the Internet. It furnishes authentication, confidentiality, integrity, and access control so that a security node can transmit data packets with the IPsec protocol. TCSS consists of an internet key exchange block, a security association block, and an IPsec engine block. The internet key exchange block negotiates the crypto algorithm and key used in the IPsec engine block. The security association block sets up and manages security association information. The IPsec engine block processes IPsec packets and includes networking functions for communication. The IPsec engine block should be implemented in hardware and operate in in-line mode for high-speed IPsec processing. Our VPN-AB is implemented with a high-speed security processor that supports many cryptographic algorithms and in-line mode. We evaluate a small TCSS communication environment and measure the performance of VPN-AB in that environment. The experimental results show that VPN-AB achieves a maximum throughput of 15.645 Gbps when we set the IPsec protocol to 3DES-HMAC-MD5 tunnel mode.
Keywords: TCSS (Trust Channel Security System), VPN (Virtual Private Network), IPsec, SSL, Security Processor, Security communication.
Similar resources
Analyses of Architecture based on Hardware for High-speed VPN System
A VPN is widely used in a communications environment in which access is controlled to permit peer connections only within a defined community of interest. It is constructed through some form of partitioning of a common underlying communication medium, where this underlying communications medium provides services to the network on a non-exclusive basis. In this paper, we have analyzed a variety of ...
Combining User and Platform Trust Properties to Enhance VPN Client Authentication
With PC manufacturers aggressively pushing trusted architectures in their new models, Trusted Platforms are quickly becoming a major component of the IT landscape. These platforms embed a security chip, the Trusted Platform Module (TPM), that is primarily used to attest the integrity of the system but that can also accurately identify the platform. While platform identification raises privacy i...
Secure VPNs for Trusted Computing Environments
Virtual Private Networks are a popular mechanism for building complex network infrastructures. Such infrastructures are usually accompanied by strict administrative restrictions on all VPN endpoints to protect the perimeter of the VPN. However, enforcement of such restrictions becomes difficult if these endpoints are personal computers used for remote VPN access. Commonly employed measures like...
Alternative Schemes for Dynamic Secure VPN Deployment in UMTS
Three alternative schemes for secure Virtual Private Network (VPN) deployment over the Universal Mobile Telecommunication System (UMTS) are proposed and analyzed. The proposed schemes enable a mobile node to voluntarily establish an IPsec-based secure channel to a private network. The alternative schemes differ in the location where the IPsec functionality is placed within the UMTS network arch...
A Trust Management System in Mobile Enterprise Networking
Trust is crucial for mobile communications. However, how to manage trust in mobile enterprise networking among various mobile devices is problematic for companies using mobile enterprise solutions. This paper presents a trust management system in an enterprise’s virtual private networks (VPN). The system supports confidential content management and overcomes the diversity support of security in...