• DocumentCode
    2118339
  • Title

    Design and Implementation of Distributed Firewall System for IPv6

  • Author

    Lai, Yingxu ; Jiang, Guangzhi ; Li, Jian ; Yang, Zhen

  • Author_Institution
    Dept. of Inf. Security, Beijing Univ. of Technol., Beijing
  • fYear
    2009
  • fDate
    27-28 Feb. 2009
  • Firstpage
    428
  • Lastpage
    432
  • Abstract
    The deployment of the IPv6 network becomes to be realized as the necessity of the IPv6 network is enlarged due to the limit of the IPv4 network. However, the security policy about the IPv6 network is not mature and it becomes an obstacle in the IPv6 network deployment. Attackers can detour the access control of packet filtering system, unless packet filtering system can decrypt IPSec packet. This paper introduces the implementation of Distributed Firewall System (DFS) that can be applicable to the IPv6 network and has capabilities of processing encrypted IPSec packet. The prototype introduced in this paper has been implemented in order to be applied to the IPv6 network preferentially. Although it has a limit to forward performance, the prototype can give the basic concepts toward the IPv6-based DFS equipment.
  • Keywords
    Internet; authorisation; transport protocols; IPv6; access control; distributed firewall system; packet filtering system; security policy; Authentication; Cryptography; Data security; Electrostatic precipitators; Filtering; Information security; Internet; Protection; Prototypes; Telecommunication traffic; IPSec; IPv6; attack; firewall;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Communication Software and Networks, 2009. ICCSN '09. International Conference on
  • Conference_Location
    Macau
  • Print_ISBN
    978-0-7695-3522-7
  • Type

    conf

  • DOI
    10.1109/ICCSN.2009.121
  • Filename
    5076887
    • Link To Document
    https://search.isc.ac/dl/search/defaultta.aspx?DTC=49&DC=2118339