NeoMAN: Negotiation Management Method for IKE Protocol Based on X.509

Author

Zhao, Zhen ; Ko, Kwang Sun ; Kim, Jung Han ; Kim, In Hyuk ; Eom, Young Ik

Author_Institution

Sch. of Inf. & Commun. Eng., Sungkyunkwan Univ., Suwon

fYear

2008

fDate

23-25 July 2008

Firstpage

335

Lastpage

340

Abstract

The Internet key exchange (IKE) protocol is most widely used as a security key exchange protocol on the Internet. For example, IPSec protocol uses IKE protocol as its mandatory key exchange protocol. The various parameters of the IKE protocol must be configured in advance before establishing a connection. However, its complex options and manual settings diminish in usability. This paper proposes a negotiation management method for the IKE protocol based on X.509, called NeoMAN. We make use of the extension field of the X.509 certificate to carry IKE configuration profiles with and design a negotiation assistant module (NAM) to hold the management processes. Our proposed method reduces the complexity of the configuration process, improves the adaptability of the IKE protocol, and also provides a centralized IKE management approach.

Keywords

Internet; certification; cryptographic protocols; telecommunication security; IKE configuration profile; IKE protocol; IPSec protocol; Internet key exchange; NeoMAN; X.509 certificate; negotiation assistant module; negotiation management method; security key exchange protocol; Conference management; Cryptographic protocols; Data security; Engineering management; Information security; Information technology; Internet; Protection; Sun; Technology management; IKE; Negotiation management; X.509; automatic configuration; certificate; security policy;

fLanguage

English

Publisher

ieee

Conference_Titel

Advanced Language Processing and Web Information Technology, 2008. ALPIT '08. International Conference on

Conference_Location

Dalian Liaoning

Print_ISBN

978-0-7695-3273-8

Type

conf

DOI

10.1109/ALPIT.2008.23

Filename

4584389