{"title":"Security mechanisms in a transport layer protocol","authors":"Victor L Voydock, Stephen T Kent","doi":"10.1016/0376-5075(84)90006-0","DOIUrl":null,"url":null,"abstract":"<div><p>This paper describes how the error detection and recovery mechanisms of the proposed National Bureau of Standards (NBS) transport layer protocol can be easily extended to provide secure transmission of information. The security mechanisms are based on the Data Encryption Standard (DES) of the NBS. Two distinct security architectures are described. In the first, the DES hardware is a peripheral I/O device of the computer in which the transport layer resides. In the other, encryption is performed by a hardware device located in the data path between the transport layer and the network layer. The paper argues that, in the long run, the transport layer should be implemented in a front end computer equipped with a DES peripheral. This isolates it from (possibly untrustworthy) host software, and greatly simplifies the job of certifying its correct behavior.</p></div>","PeriodicalId":100316,"journal":{"name":"Computer Networks (1976)","volume":"8 5","pages":"Pages 433-449"},"PeriodicalIF":0.0000,"publicationDate":"1984-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://sci-hub-pdf.com/10.1016/0376-5075(84)90006-0","citationCount":"15","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Computer Networks (1976)","FirstCategoryId":"1085","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/0376507584900060","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Citation count: 15
Abstract
This paper describes how the error detection and recovery mechanisms of the proposed National Bureau of Standards (NBS) transport layer protocol can be easily extended to provide secure transmission of information. The security mechanisms are based on the Data Encryption Standard (DES) of the NBS. Two distinct security architectures are described. In the first, the DES hardware is a peripheral I/O device of the computer in which the transport layer resides. In the other, encryption is performed by a hardware device located in the data path between the transport layer and the network layer. The paper argues that, in the long run, the transport layer should be implemented in a front end computer equipped with a DES peripheral. This isolates it from (possibly untrustworthy) host software, and greatly simplifies the job of certifying its correct behavior.