Title :
NeoMAN: Negotiation Management Method for IKE Protocol Based on X.509
Author :
Zhao, Zhen ; Ko, Kwang Sun ; Kim, Jung Han ; Kim, In Hyuk ; Eom, Young Ik
Author_Institution :
Sch. of Inf. & Commun. Eng., Sungkyunkwan Univ., Suwon
Abstract :
The Internet key exchange (IKE) protocol is most widely used as a security key exchange protocol on the Internet. For example, IPSec protocol uses IKE protocol as its mandatory key exchange protocol. The various parameters of the IKE protocol must be configured in advance before establishing a connection. However, its complex options and manual settings diminish in usability. This paper proposes a negotiation management method for the IKE protocol based on X.509, called NeoMAN. We make use of the extension field of the X.509 certificate to carry IKE configuration profiles with and design a negotiation assistant module (NAM) to hold the management processes. Our proposed method reduces the complexity of the configuration process, improves the adaptability of the IKE protocol, and also provides a centralized IKE management approach.
Keywords :
Internet; certification; cryptographic protocols; telecommunication security; IKE configuration profile; IKE protocol; IPSec protocol; Internet key exchange; NeoMAN; X.509 certificate; negotiation assistant module; negotiation management method; security key exchange protocol; Conference management; Cryptographic protocols; Data security; Engineering management; Information security; Information technology; Internet; Protection; Sun; Technology management; IKE; Negotiation management; X.509; automatic configuration; certificate; security policy;
Conference_Titel :
Advanced Language Processing and Web Information Technology, 2008. ALPIT '08. International Conference on
Conference_Location :
Dalian Liaoning
Print_ISBN :
978-0-7695-3273-8
DOI :
10.1109/ALPIT.2008.23
