Dynamic and secure management of VPNs in IPv6 multi-domain scenarios
نویسندگان
چکیده
IPsec-based VPN solutions today run mainly in the IPv4 environment and it is important that they have the capability of being upgraded to IPv6 to remain interoperable in next generation Internet. Two of the key components of every VPN solution are the trust management system used to secure the VPN establishment process and the policy mechanism used to control the VPN life-cycle. However, these two components have not received much research effort in the IPv6 world, so although IPsec IPv6-enabled implementations are getting mature, the deployment of secure VPNs in IPv6 is progressing rather slowly. This paper provides a new vision on how trust management based on cross-certification can be extended to IPv6 multi-domain scenarios and presents a policy management architecture proposed to build flexible, large-scale interoperable IPv6 VPNs solutions. 2005 Elsevier B.V. All rights reserved.
منابع مشابه
Behavioral and Performance Characteristics of IPsec/IKE in Large-Scale VPNs
Cryptographic network security services are essential for providing secure data communication over an insecure public network such as the Internet. Recently there has been tremendous growth in the requirements for, and use of, secure virtual private networks (VPNs) to interconnect enterprises with business partners, traveling staff, and remote office locations. Internet Protocol Security (IPsec...
متن کاملAn IPSec Mediation Approach for Safe Establishment of Inter-domain VPNs
In this paper we propose a new solution to increase the security of BGP/MPLS IP VPNs established across multiple domains. In general, layer 3 VPNs already present a number of security risks when used in single domain scenarios, since they are vulnerable to attacks originated inside the provider backbone. In order to overcome these risks, IPSec tunnels are recommended. In multi-domain scenarios,...
متن کاملA Dynamic Architecture for Mobility Management in Hierarchical Mobile IPv6
Hierarchical Mobile IPv6 (HMIPv6) is an enhanced Mobile IPv6 for reducing signaling cost of location management. Multi-level Hierarchical Mobile IPv6 (MHMIPv6) can organize mobile region as a multi-level hierarchy architecture, which is more flexible to support scalable services. However, MHMIPv6 will bring additional packet processing overhead, and produce negative impact especially on some mo...
متن کاملKey Management for Secure Multicast over IPv6 Wireless Networks
Multicasting is an efficient method for transmission and routing of packets to multiple destinations using fewer network resources. Along with widespread deployment of wireless networks, secure multicast over wireless networks is an important and challenging goal. In this paper, we extend the scope of a recent new key distribution scheme to a security framework that offers a novel solution for ...
متن کاملSecure Bootstrapping and Routing in an IPv6-Based Ad Hoc Network
The mobile ad hoc network (MANET), which is characterized by an infrastructureless architecture and multi-hop communication, has attracted a lot of attention recently. In the evolution of IP networks to version 6, adopting the same protocol would guarantee the success and portability of MANETs. In this paper, we propose a secure bootstrapping and routing protocol for MANETs. Mobile hosts can au...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید
ثبت ناماگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید
ورودعنوان ژورنال:
- Computer Communications
دوره 29 شماره
صفحات -
تاریخ انتشار 2006