The Infona portal uses cookies, i.e. strings of text saved by a browser on the user's device. The portal can access those files and use them to remember the user's data, such as their chosen settings (screen view, interface language, etc.), or their login data. By using the Infona portal the user accepts automatic saving and using this information for portal operation purposes. More information on the subject can be found in the Privacy Policy and Terms of Service. By closing this window the user confirms that they have read the information on cookie usage, and they accept the privacy policy and the way cookies are used by the portal. You can change the cookie settings in your browser.
This paper describes how mobility and security services are provided together in a vehicular scenario based on WiMAX technology. MIPv6 and IKEv2 protocols have been chosen for this purpose, in particular the “Mip6d” and “OpenIKEv2” implementations respectively. But this cooperation is performed in a different way as usual, because they also implement an access control mechanism for visited networks...
A large-scale disaster may cause communication failure in the case of IPsec-VPN. Trouble with an IPsec-GW is one of the reasons this failure happens. Generally, it is better to expand the area in which communication is restored by using an IPsec-GW redundancy method. The existing Ipsec-GW redundancy method reduces communication failure time. In this method, IPsec-GWs synchronize IPsec information...
An IP virtual private network using IPsec (IPsecVPN) has begun to be used as a forwarding base for cloud services. Cloud computing architecture is evolving into an inter-cloud structure that enables many cloud services to connect to each other freely. IPsecVPN applied to cloud services will increase in complexity along with the evolving cloud architecture. In this paper, we discuss the requirements...
IPsec is also an important security protocol for next generation Internet (NGI) and it has become a hot topic in security communication research to increase IPsec's performance without any security decreasing. In this article, we analyze the implementation of IPsec's security policy database (SPD) and its searching method. We also proposed an optimized design for the SPD with hash table based on chaining...
Currently, Internet, adopting the TCP/IP suits, is an end-to-end architecture. TCP/IP is an open architecture, and its design principle only focuses on the efficiency of information transmission, while it does not consider the security issues. IPsec VPN has been proposed to solve the core network security issue. However, it is believed that the current use of IP addresses to denote both the location...
This paper first discusses the classic methods of covert communication to traverse the firewall devices which control the network communication. And based on the analysis of IPSec protocol architecture, that the worse of network compatibility of IPSec is got. So the new IPSec over HTTP protocol based on IPSec tunnel and HTTP tunnel is exposed including its structure and procedure. The soft structure...
The paper has firstly made thorough research and analysis to the IPsec support mechanism in Linux kernel 2.6 and then has given out a comprehensive building scheme of the IPsec VPN security gateway based on Linux kernel 2.6, combined with self-designed VPN security gateway console, the security gateway's interaction with kernel module, and the IKE module. The paper has designed and implemented an...
IPSec VPN is commonly used to implement secure communications between different branch intranets over public networks. Multi-link aggregate IPSec VPN can make better use of multiple physical links of corporation. On the basis of analysis on the insufficiency of packet-based scheduling, a session-based tunnel scheduling model for multi-link aggregate IPSec VPN is proposed. The new model can distribute...
The host identity protocol (HIP) has been specified by the IETF as a new solution for secure host mobility and multihoming in the Internet. HIP uses self-certifying public- private key pairs in combination with IPsec to authenticate hosts and protect user data. While there are three open-source HIP implementations, little experience is available with running HIP on lightweight hardware such as a mobile...
With the growing demands for computer network communication, it becomes increasingly important to secure the data flow path. The existing research related to security mechanisms only focuses on securing the flow of information in the communication networks. There is a lack of work on improving the performance of networks to meet quality of service (QoS) constrains for various applications. The security...
This paper introduces the IPSec security architecture and its mechanism, and gives an in-depth analysis of the IPSec security. Due to the flaws of the pre-shared key authentication method and the fact that it is vulnerable to DoS attacks, this paper proposes a dynamic pre-shared key generation method to avoid the harm to the system caused by crack of the pre-shared key. The improved method generates...
With the evolution and proliferation of the All-IP core network and the mobile access network, more and more legacy services are being transferred to the converged and unified IP-based platform. For this transfer, SIP (Session Initial Protocol) has been adopted by IETF, ETSI, and 3GPP for creating, modifying, and terminating multimedia sessions. SIP with application-level mobility support can replace...
Virtual Private Network (VPN) is commonly used in business situations to provide secure communication channels over public infrastructure such as Internet. This is because these networks can be set-up with a lower cost of ownership compared to other means of securing communications. VPN is a proven technology that does provide security strong enough for business use. However, performance of these...
Internet protocol security (IPsec) can provide a highly interoperable and cost effective part of securing network communications with manned spacecraft, but some shortcomings of the protocol and its implementations must be addressed in order to apply this technology in manned spacecraft. The most notable challenges are in the areas of IPsec device management, security certification (e.g., FIPS 140-2...
IPv6, the new version of the Internet protocol, has been developed to provide new services and to support the Internet's growth. This paper presents an overview of the key security issues, which outlines the challenges in deploying and transitioning to IPv6.
Sharing of information and resources among different devices require networking. As networks are expanding day by day, IPv6 is gaining more and more popularity. Different transition mechanisms have been established and yet a lot of research is to be carried out. Network security is another very important area of research and needs special attention in the era of network expansions. In this paper,...
The main idea of the third generation (3G) networks is to merge two of the most important communication systems: cellular networks and Internet. The IP multimedia subsystem (IMS) defined by 3GPP is a technology designed to provide robust multimedia services across roaming boundaries and over diverse access technologies. In this communication converged world, the challenging issues are security and...
Multicast networking support is becoming an increasingly important future technology area for group-based applications. Although the deployment of multicast networks has been picking up, the area of multicast security has not received much attention. The few proposals for securing multicast communication do not address the unique requirements arising from the multicast group communication model. Integrating...
The supervision and control of remote domestic electrical equipments and personal computers need a stable virtual private network. This article puts forwards a kind of virtual private network using the Internet and IPv6 technology. Because upgrading port software of former domestic VPN truss is troublesome and difficult, we are aiming at finding a kind of secure, stable, and flexible virtual private...
The rapid increasing Internet services need high performance, scalable and flexible network security devices. IPSec is a set of protocols to ensure transmission of packets in IP network. Multi-core processors are targeted to a wide range of applications with complex packet processing and high throughput requirements. Although there are several designs of IPSec system with heterogeneous hardware platforms,...
Set the date range to filter the displayed results. You can set a starting date, ending date or both. You can enter the dates manually or choose them from the calendar.