Title :
Packet level access control scheme for internetwork security
Author :
Iqbal, M.S. ; Poon, F.S.F.
Author_Institution :
Sussex Univ., Brighton, UK
Date :
4/1/1992 12:00:00 AM
Abstract :
The scheme allows controlled access to the internal resources of a network, and only trusted systems can gain access to external networks. A secure communication link is established between a requesting machine and the requested remote resource at the initiation of an external session. All the entities, the network gateways and the machines at the end points, along this communication path are authenticated during the initiation process. Any subsequent packets transmitted along this path are also authenticated throughout the session. The scheme uses the RSA and the DES security algorithms to implement session initiation and packet origin authentication, respectively. The need to distribute packet authentication keys is eliminated by deriving the packet authentication key from the RSA private key of each network entity, using a reference key number concept, and allowing a different packet authentication key for each external session between communicating entities.
Keywords :
computer networks; cryptography; packet switching; protocols; DES security algorithm; RSA security algorithm; computer networks; internetwork security; network gateways; packet authentication key; packet level access control scheme; packet origin authentication; protocols; reference key number concept; session initiation authentication;
Journal_Title :
Communications, Speech and Vision, IEE Proceedings I