Middleware For Building Adaptive Systems Via Configuration
OM '01 Proceedings of the 2001 ACM SIGPLAN workshop on Optimization of middleware and distributed systems
Formalizing GDOI group key management requirements in NPATRL
CCS '01 Proceedings of the 8th ACM conference on Computer and Communications Security
ACM Transactions on Internet Technology (TOIT)
The Logic of Authentication Protocols
FOSAD '00 Revised versions of lectures given during the IFIP WG 1.7 International School on Foundations of Security Analysis and Design on Foundations of Security Analysis and Design: Tutorial Lectures
Secure Communication for Secure Agent-Based Electronic Commerce Applications
E-Commerce Agents, Marketplace Solutions, Security Issues, and Supply and Demand
Application-Independent End-to-End Security in Shared-Link Access Networks
NETWORKING '00 Proceedings of the IFIP-TC6 / European Commission International Conference on Broadband Communications, High Performance Networking, and Performance of Communication Networks
Connection of Extruded Subnets: A Solution Based on RSIP
NETWORKING '02 Proceedings of the Second International IFIP-TC6 Networking Conference on Networking Technologies, Services, and Protocols; Performance of Computer and Communication Networks; and Mobile and Wireless Communications
Designing a distributed access control processor for network services on the Web
Proceedings of the 2002 ACM workshop on XML security
Current security management & Ethical issues of information technology
Information security education in the UK: a proposed course in secure e-commerce systems
Proceedings of the 1st annual conference on Information security curriculum development
Journal of Computer Security - Special issue on ACM conference on computer and communications security, 2001
An automatic security test engine for IPv6 network
International Journal of Wireless and Mobile Computing
A rule-based approach to security test automation on network layer
TELE-INFO'05 Proceedings of the 4th WSEAS International Conference on Telecommunications and Informatics
A Secure IPv6-based Urban Wireless Mesh Network (SUMNv6)
Computer Communications
MMACTEE'08 Proceedings of the 10th WSEAS International Conference on Mathematical Methods and Computational Techniques in Electrical Engineering
Strategic planning for the computer science security
WSEAS Transactions on Computers
A Combined Watermarking and Encryption Algorithm for Secure VoIP
Information Security Journal: A Global Perspective
Graduate follow up as a vehicle for CSIT curriculum assessment and improvement
Proceedings of the 14th Western Canadian Conference on Computing Education
Proceedings of the Third ACM International Conference on Distributed Event-Based Systems
A new protocol for security and QoS in IP networks
International Journal of Information and Computer Security
Protection of multiagent systems
ICCSA'03 Proceedings of the 2003 international conference on Computational science and its applications: PartIII
Environmental requirements for authentication protocols
ISSS'02 Proceedings of the 2002 Mext-NSF-JSPS international conference on Software security: theories and systems
A logic-based verification framework for authentication protocols
International Journal of Internet Technology and Secured Transactions
Proceedings of the Fourth European Conference on Software Architecture: Companion Volume
Slow but certain wins the race: authenticated bundle communication in delay tolerant networks
Proceedings of the 6th ACM workshop on QoS and security for wireless and mobile networks
Analysis of IPSec overheads for VPN servers
NPSEC'05 Proceedings of the First international conference on Secure network protocols
Integrity of the web content: the case of online advertising
CollSec'10 Proceedings of the 2010 international conference on Collaborative methods for security and privacy
A grid architecture for comfortable robot control
EGC'05 Proceedings of the 2005 European conference on Advances in Grid Computing
Private computation of spatial and temporal power consumption with smart meters
ACNS'12 Proceedings of the 10th international conference on Applied Cryptography and Network Security
Privacy-preserving content-based recommender system
Proceedings of the on Multimedia and security
NEW2AN'07 Proceedings of the 7th international conference on Next Generation Teletraffic and Wired/Wireless Advanced Networking
Eliminating rouge femtocells based on distance bounding protocol and geographic information
Expert Systems with Applications: An International Journal
Hi-index | 0.00 |
From the Book:PREFACE: PrefaceThe Internet connects millions of people around the world and allows for immediate communication and access to a seemingly limitless amount of information. Data, video, voice, almost every single type of communication, travels across the Internet. Some of this communication is private.The language of the Internet is IP, the Internet Protocol. Everything can, and does, travel over IP. One thing IP does not provide, though, is security. IP packets can be forged, modified, and inspected en route. IPSec is a suite of protocols that seemlessly integrate security into IP and provide data source authentication, data integrity, confidentiality, and protection against replay attacks.With IPSec the power of the Internet can be exploited to its fullest potential: Communication is the lifeblood of business. Without a guarantee that a customer脮s order is authentic it is difficult to bill for a service. Without a guarantee that confidential information will remain confidential it is impossible for businesses to grow and partnerships to be formed. Unless there is a guarantee that records and information can remain confidential, the health care industry cannot utilize the Internet to expand its services and cut its costs. Personal services, such as home banking, securities trading, and insurance can be greatly simplified and expanded if these transactions can be done securely.The growth of the Internet is truly dependent on security and the only technique for Internet security that works with all forms of Internet traffic is IPSec. IPSec runs over the current version of IP, IPv4, and also the next generationofIP, IPv6. In addition, IPSec can protect any protocol that runs on top of IP such as TCP, UDP, and ICMP. IPSec is truly the most extensible and complete network security solution.IPSec enables end-to-end security so that every single piece of information sent to or from a computer can be secured. It can also be deployed inside the network to form Virtual Private Networks where two distinct and disparate networks become one by connecting them with a tunnel secured by IPSec. This book discusses the architecture, design, implementation, and use of IPSec. Each of the protocols in the suite commonly referred to as "IPSec" (the Authentication Header, the Encapsulating Security Payload, and the Internet Key Exchange) is examined in detail. Common deployments of IPSec are discussed and future work on problem areas is identified.This book is intended for an audience with an interest in network security as well as those who will be implementing secure solutions using IPSec, including building VPNs, e-commerce, and end-to-end security. Cryptography and networking basics are discussed in early chapters for those who are neither cryptography nor networking professionals.OrganizationThis book is split into three parts: overview, detailed analysis, and implementation and deployment issues. Part One is comprised of the first three chapters. Chapter One discusses the basic cryptographic building blocks upon which IPSec is built. Symmetric and public key cryptography and their use for both encryption and authentication are explained. Chapter Two discusses the basics of TCP/IP and the advantages and disadvantages of implementing security at various layers in the TCP/IP protocol stack. Chapter Three is an overview of IPSec. The IPSec Architecture is discussed and each of the protocolsÑAH, ESP, and IKEÑand their interrelationship is touched upon.Part Two consists of chapters Four through Seven. Chapter Four is a detailed discussion of the IPSec Architecture. The basic concepts of IPSec, the different modes, selectors, security associations, and security policy are discussed. Chapters Five and Six discuss in detail the two protocols used to protect IP, the Encapsulating Security Payload and the Authentication Header, respectively. Construction and placement of protocol headers is discussed as are input and output processing rules. Chapter Seven is an in-depth discussion of the Internet Key Exchange. The different phases of negotiation, the different exchanges, the various authentication methods, and all the negotiable options are explained.Part Three is Chapters Eight through Eleven. Chapter Eight is a discussion of policy and its implication on IPSec. An architecture to support IPSec policy and a policy module is presented. Chapter Nine presents the issues surrounding the implementation of IPSec in a TCP/IP stack, in a platform-independent manner. Chapter Ten discusses different IPSec deployments: end-to-end security, virtual private networks, and the "road warrior" situation. Chapter Eleven discusses future work items for the IPSec community. These include integrating network layer compression with IPSec, extending IPSec to multicast traffic, issues associated with key recovery, IPSec interaction with the Layer Two Tunneling Protocol (L2TP), and public-key infrastructures.