Title :
Deploying secure cryptographic services in multi-domain IPv6 networks
Author :
Millán, Gabriel López ; Clemente, Felix J García ; Pérez, Manuel Gil ; Pérez, Gregorio Martínez ; Skarmeta, Antonio F Gómez
Author_Institution :
Departamento de Ingenieria de la Inf. y las Comunicaciones, Murcia Univ., Spain
Abstract :
There are several reasons to offer PKI (public key infrastructure) services in IPv6 multidomain scenarios. The first reason is to provide IPv6-only or dual-stack connectivity to those Internet users and entities who want to use certification services, but there are other important motivations. If we want to enable and promote security services in IPv6 networks, like end-to-end security, AAA (authentication, authorization and accounting) services, HTTP or DNSsec services, or VPN networks, it is needed to offer the public key services required by the involved protocols. Other relevant reason is to allow services or devices to use X.509 public key certificates containing IPv6 information, such as IPv6 addresses used, for example, by any IPsec-based VPN end point. This is the main motivation of the research work presented in this paper where the most relevant design and implementation issues related with the deployment of PKI services in a multidomain IPv6 network are presented.
Keywords :
IP networks; Internet; message authentication; public key cryptography; telecommunication security; transport protocols; IPsec-based VPN end point; IPv6 addresses; IPv6 information; Internet; X.509 public key certificates; certification service; dual-stack connectivity; multidomain IPv6 networks; public key infrastructure service; secure cryptographic services; security services; Cryptography; Intelligent networks;
Conference_Titel :
Advanced Information Networking and Applications, 2005. AINA 2005. 19th International Conference on
Print_ISBN :
0-7695-2249-1
DOI :
10.1109/AINA.2005.149
