A Multi-Link Aggregate IPSec Model

Author

Zhang, Yun-he ; Li, Zhi-Tang ; Wang, Mei-zhen ; Xiao, Ling

Author_Institution

Sch. of Comput. Sci. & Technol., Huazhong Univ. of Sci. & Technol., Wuhan

Volume

3

fYear

2009

fDate

7-8 March 2009

Firstpage

489

Lastpage

493

Abstract

Internet has become the universal information communications infrastructure. VPN is commonly used to implement communications over different branch intranets. IPSec is a suit of protocols that adds security to communications at the IP layer, and it is a popular technology to implement VPN. On the basis of analysis on the insufficiency of traditional IPSec systems, a multi-link aggregate IPSec model is proposed. The new model can negotiate multiple groups of security policies on different physical links for same branch intranet pair, and distribute IPSec traffics over multiple links. A prototype system of the new model which is based on Netfilter mechanism is implemented on Linux platform. Analysis on the test result from the prototype system shows that the new model can work better under the environment of multi-link, and can enhance the capability and reliability of VPN application.

Keywords

IP networks; Internet; computer network reliability; cryptography; intranets; transport protocols; virtual private networks; IP layer; Internet; Linux platform; Netfilter mechanism; TCP/IP protocols; cryptographic method; intranets; multilink aggregate IPSec model; network-layer security; universal information communications infrastructure; virtual private network; Aggregates; Communication system security; Information security; Internet; Linux; Protocols; Prototypes; System testing; Traffic control; Virtual private networks; IPSec; aggregate; multi-link;

fLanguage

English

Publisher

ieee

Conference_Titel

Education Technology and Computer Science, 2009. ETCS '09. First International Workshop on

Conference_Location

Wuhan, Hubei

Print_ISBN

978-1-4244-3581-4

Type

conf

DOI

10.1109/ETCS.2009.639

Filename

4959359