The Infona portal uses cookies, i.e. strings of text saved by a browser on the user's device. The portal can access those files and use them to remember the user's data, such as their chosen settings (screen view, interface language, etc.), or their login data. By using the Infona portal the user accepts automatic saving and using this information for portal operation purposes. More information on the subject can be found in the Privacy Policy and Terms of Service. By closing this window the user confirms that they have read the information on cookie usage, and they accept the privacy policy and the way cookies are used by the portal. You can change the cookie settings in your browser.
Content audit analyzes the messages of application layer communication between the peers, and matches the set security policies to ensure legitimate and effective use of network resources. The link management is one of the key issues in designing the content audit system. In order to achieve efficient management of TCP links and the correlation analysis of the same session, the hash list is proposed...
IPsec is also an important security protocol for next generation Internet (NGI) and it has become a hot topic in security communication research to increase IPsec's performance without any security decreasing. In this article, we analyze the implementation of IPsec's security policy database (SPD) and its searching method. We also proposed an optimized design for the SPD with hash table based on chaining...
The paper has firstly made thorough research and analysis to the IPsec support mechanism in Linux kernel 2.6 and then has given out a comprehensive building scheme of the IPsec VPN security gateway based on Linux kernel 2.6, combined with self-designed VPN security gateway console, the security gateway's interaction with kernel module, and the IKE module. The paper has designed and implemented an...
A framework of three attributes for video surveillance systems is underlined: availability, accessibility and authenticity. Under this framework, a scenario in which surveillance cameras can be accessed by remote devices, such as mobile phones, PDAs, over IP is addressed. Some security drawbacks of an off-the-shelf product are depicted and a new solution is proposed which uses cryptographic authentication...
In this paper, we address the security of routing protocols. Internet routing protocols are subject to attacks in the control plane as well as the data plane. In the control plane, a routing protocol, e.g., BGP, OSPF, exchanges routing state updates and enables routers to compute the best paths towards various destinations. During this phase, an attacker can modify or inject malicious control messages...
The security of well established secure channel technologies like transport layer security (TLS) or IP security (IPSec) can be significantly improved by emerging concepts like trusted computing. The use of trusted platform modules (TPMs) offers new methods for improving the security of these well established technologies. How secure channel technologies can be adapted to use trusted computing concepts...
Protocol security dealing with mobility is strongly necessary since mobile nodes are more prone to attacks. The Context Transfer Protocol allows applications running on mobile nodes to operate with minimal disruption by transferring contexts between access routers. In this paper, after a practical study using the AVISPA tool and a more conceptual one, we will show that this protocol does not work...
Contrast with the current WLAN (wireless local area network) security mechanism worked in data link layer. IPSec over WLAN worked in IP layer has his superiorities. But as a security mode originally used in wired network, IPSec uses IKE (Internet key exchange protocol) as default that need a large number of computation is not fit for mobile devices of WLAN. Besides, IPSec protocol does not fit mobile...
A powerpoint presentation is given. The paper discusses the experimental evaluation of the performance costs of different IKEv2 authentication methods. Internet key exchange version 2 protocol negotiates security associations for IPsec, authenticates the peer, supports the extensible authentication protocol methods and a candidate technology in future AAA frameworks which is a major issue in next...
Cross-layer architectures (CLAs) are proposed to improve performance in networks where physical layer impairments are unpredictable and provision of security services may be challenging, as in satellite networks. This paper proposes an extension to the IPsec protocol, named cross-layer IPsec (CL-IPsec), able to provide authentication and integrity services through a cross-layer architecture when the...
The Internet key exchange (IKE) protocol is most widely used as a security key exchange protocol on the Internet. For example, IPSec protocol uses IKE protocol as its mandatory key exchange protocol. The various parameters of the IKE protocol must be configured in advance before establishing a connection. However, its complex options and manual settings diminish in usability. This paper proposes a...
The IPv6 network protects the IP layer by using the IPSec protocol and the SEND mechanism. However each host should be authenticated repeatedly when the two mechanisms are used at the same time. In this paper, we propose a cooperation scheme to share the authentication information between the SEND mechanism and the IPSec protocol. By sharing the authentication data of the host with the SEND mechanism,...
Set the date range to filter the displayed results. You can set a starting date, ending date or both. You can enter the dates manually or choose them from the calendar.