Title :
A Multi-Link Aggregate IPSec Model
Author :
Zhang, Yun-he ; Li, Zhi-Tang ; Wang, Mei-zhen ; Xiao, Ling
Author_Institution :
Sch. of Comput. Sci. & Technol., Huazhong Univ. of Sci. & Technol., Wuhan
Abstract :
Internet has become the universal information communications infrastructure. VPN is commonly used to implement communications over different branch intranets. IPSec is a suit of protocols that adds security to communications at the IP layer, and it is a popular technology to implement VPN. On the basis of analysis on the insufficiency of traditional IPSec systems, a multi-link aggregate IPSec model is proposed. The new model can negotiate multiple groups of security policies on different physical links for same branch intranet pair, and distribute IPSec traffics over multiple links. A prototype system of the new model which is based on Netfilter mechanism is implemented on Linux platform. Analysis on the test result from the prototype system shows that the new model can work better under the environment of multi-link, and can enhance the capability and reliability of VPN application.
Keywords :
IP networks; Internet; computer network reliability; cryptography; intranets; transport protocols; virtual private networks; IP layer; Internet; Linux platform; Netfilter mechanism; TCP/IP protocols; cryptographic method; intranets; multilink aggregate IPSec model; network-layer security; universal information communications infrastructure; virtual private network; Aggregates; Communication system security; Information security; Internet; Linux; Protocols; Prototypes; System testing; Traffic control; Virtual private networks; IPSec; aggregate; multi-link;
Conference_Titel :
Education Technology and Computer Science, 2009. ETCS '09. First International Workshop on
Conference_Location :
Wuhan, Hubei
Print_ISBN :
978-1-4244-3581-4
DOI :
10.1109/ETCS.2009.639
