• DocumentCode
    3176085
  • Title

    Toward A Practical Scheme for IPSec Management

  • Author

    Li, Qi ; Xu, Mingwei ; Xu, Ke

  • Author_Institution
    Tsinghua Univ., Beijing
  • fYear
    2008
  • fDate
    23-25 Jan. 2008
  • Firstpage
    1
  • Lastpage
    5
  • Abstract
    IP Security (IPSec) is an important protection mechanism for securing the Internet communication. However, IPSec is a complex security protocol family, and the management issue is still a challenge for mass deployment. Many researchers have investigated the IPSec management issue with various approaches, the policy configuration and distribution issue remain to be efficiently resolved. A certificate-based scheme to manage IPSec endpoints is proposed in this paper. A Role-based Access Control (RBAC) model is introduced to simplify the process of policy configuration, and policy control mechanism is proposed to check whether new security association conforms to local security policies. The analysis of the scheme shows the flexibility and efficiency of our approach. Based on our proposed scheme, we implement a prototype system with the proof-of-concept and conduct experimental studies to demonstrate the feasibility and performance of our approach.
  • Keywords
    IP networks; Internet; telecommunication security; IP Security; IPSec management; Internet communication; policy control mechanism; role-based access control; security protocol; Authentication; Communication system security; Data security; Information security; Internet; National security; Protection; Prototypes; Public key; Virtual private networks;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Information Networking, 2008. ICOIN 2008. International Conference on
  • Conference_Location
    Busan
  • ISSN
    1976-7684
  • Print_ISBN
    978-89-960761-1-7
  • Electronic_ISBN
    1976-7684
  • Type

    conf

  • DOI
    10.1109/ICOIN.2008.4472762
  • Filename
    4472762