Title :
Toward A Practical Scheme for IPSec Management
Author :
Li, Qi ; Xu, Mingwei ; Xu, Ke
Author_Institution :
Tsinghua Univ., Beijing
Abstract :
IP Security (IPSec) is an important protection mechanism for securing the Internet communication. However, IPSec is a complex security protocol family, and the management issue is still a challenge for mass deployment. Many researchers have investigated the IPSec management issue with various approaches, the policy configuration and distribution issue remain to be efficiently resolved. A certificate-based scheme to manage IPSec endpoints is proposed in this paper. A Role-based Access Control (RBAC) model is introduced to simplify the process of policy configuration, and policy control mechanism is proposed to check whether new security association conforms to local security policies. The analysis of the scheme shows the flexibility and efficiency of our approach. Based on our proposed scheme, we implement a prototype system with the proof-of-concept and conduct experimental studies to demonstrate the feasibility and performance of our approach.
Keywords :
IP networks; Internet; telecommunication security; IP Security; IPSec management; Internet communication; policy control mechanism; role-based access control; security protocol; Authentication; Communication system security; Data security; Information security; Internet; National security; Protection; Prototypes; Public key; Virtual private networks;
Conference_Titel :
Information Networking, 2008. ICOIN 2008. International Conference on
Conference_Location :
Busan
Print_ISBN :
978-89-960761-1-7
Electronic_ISBN :
1976-7684
DOI :
10.1109/ICOIN.2008.4472762
