Towards a policy system for IPsec: issues and an experimental implementation
نویسندگان
چکیده
IPsec, the standard suite of protocols to provide security in IP networks, and IKE, the commonly used key management protocol for IPsec, do not address the more general problem of how security policies should be distributed to IPsec nodes. Recent IETF work in the area of network security provides a definition of the basic requirements of an IP Security Policy System (IPSP) and a proposal of a Security Policy Protocol (SPP) to exchange security policies. IPSP recommends that traditional mechanisms for distributing network management information (SNMP, COPS) should also be taken into consideration. The first objective of this paper is to evaluate the suitability of existing network management mechanisms to achieve the goals of IPSP. Subsequently, the paper describes and discusses an approach followed in the implementation of an IPSP system, with emphasis on the implementation of SPP.
منابع مشابه
The Politico-Economic Challenges of Ghana’s National Health Insurance Scheme Implementation
Background National/social health insurance schemes have increasingly been seen in many low- and middle-income countries (LMICs) as a vehicle to universal health coverage (UHC) and a viable alternative funding mechanism for the health sector. Several countries, including Ghana, have thus introduced and implemented mandatory national health insurance schemes (NHIS) as part of reform efforts towa...
متن کاملC-ISCAP(Controlled Internet Secure Connectivity Assurance Platform) : Design, Implementation and Evaluation
IPsec has now become a standard information security technology throughout the Internet society. It provides a well-defined architecture which takes into account confidentiality, authentication, integrity, secure key exchange and protection mechanism against replay attack also. For the connectionless security services on packet basis, IETF IPsec Working Group has standardized two extension head...
متن کاملFast IPSec: A High-Performance IPsec Implementation
Fast IPsec is an implementation of the IPsec protocols [Kent & Atkinson, 1998a] for FreeBSD that was designed for high performance. In particular the protocols use the OpenBSD Cryptographic Framework, as ported to FreeBSD [Leffler, 2003], so any cryptographic hardware is automatically used to accelerate their operation. Fast IPsec, running on a uniprocessor system with a single Broadcom BCM5822...
متن کاملOn Securing Wireless LANs and Supporting Nomadic Users with Microsoft’s IPSec Implementation
Wireless LANs, like the IEEE 802.11 WLANs, are more vulnerable than their wired counterparts. The IEEE 802.11 specification includes an encryption protocol, WEP (Wired Equivalent Protocol), but this protocol inhibits severe weaknesses: there is no automatic key distribution protocol and WEP’s security itself has been shown to be seriously flawed. As a result, many of today’s IEEE 802.11 network...
متن کاملA Model for Effective Implementation of Health Policy in Iran
Background: Policies will be communicated to administrators after being drafted and approved. Sometimes, they undergo changes at the implementation stage that remove them from their goals. The aim of this study was to provide a model to improve the quality of policy implementation in the health system of Iran. Methods: This qualitative study was conducted in 2018. In order to collect the requi...
متن کامل