{"title":"IPsec安全策略系统:问题与实验实现","authors":"M. Baltatu, A. Lioy, D. Lombardo, D. Mazzocchi","doi":"10.1109/ICON.2001.962332","DOIUrl":null,"url":null,"abstract":"IPsec, the standard suite of protocols to provide security in IP networks, and IKE, the commonly used key, management protocol for IPsec, do not address the more general problem of how security policies should be distributed to IPsec nodes. Previous IETF work in the area of network security, provides a definition of the basic requirements of an IP security policy system (IPSP) and a proposal of a security policy protocol (SPP) to exchange security policies. IPSP recommends that traditional mechanisms for distributing network management information (SNMP, COPS) should also be taken into consideration. The first objective of this paper is to evaluate the suitability, of existing network management mechanisms to achieve the goals of IPSP. Subsequently, the paper describes and discusses an approach followed in the implementation of an IPSP system, with emphasis on the implementation of SPP.","PeriodicalId":178842,"journal":{"name":"Proceedings. Ninth IEEE International Conference on Networks, ICON 2001.","volume":"37 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2001-10-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"3","resultStr":"{\"title\":\"Towards a policy system for IPsec: issues and an experimental implementation\",\"authors\":\"M. Baltatu, A. Lioy, D. Lombardo, D. Mazzocchi\",\"doi\":\"10.1109/ICON.2001.962332\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"IPsec, the standard suite of protocols to provide security in IP networks, and IKE, the commonly used key, management protocol for IPsec, do not address the more general problem of how security policies should be distributed to IPsec nodes. Previous IETF work in the area of network security, provides a definition of the basic requirements of an IP security policy system (IPSP) and a proposal of a security policy protocol (SPP) to exchange security policies. IPSP recommends that traditional mechanisms for distributing network management information (SNMP, COPS) should also be taken into consideration. The first objective of this paper is to evaluate the suitability, of existing network management mechanisms to achieve the goals of IPSP. Subsequently, the paper describes and discusses an approach followed in the implementation of an IPSP system, with emphasis on the implementation of SPP.\",\"PeriodicalId\":178842,\"journal\":{\"name\":\"Proceedings. Ninth IEEE International Conference on Networks, ICON 2001.\",\"volume\":\"37 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2001-10-10\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"3\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Proceedings. Ninth IEEE International Conference on Networks, ICON 2001.\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/ICON.2001.962332\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings. Ninth IEEE International Conference on Networks, ICON 2001.","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ICON.2001.962332","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Towards a policy system for IPsec: issues and an experimental implementation
IPsec, the standard suite of protocols to provide security in IP networks, and IKE, the commonly used key, management protocol for IPsec, do not address the more general problem of how security policies should be distributed to IPsec nodes. Previous IETF work in the area of network security, provides a definition of the basic requirements of an IP security policy system (IPSP) and a proposal of a security policy protocol (SPP) to exchange security policies. IPSP recommends that traditional mechanisms for distributing network management information (SNMP, COPS) should also be taken into consideration. The first objective of this paper is to evaluate the suitability, of existing network management mechanisms to achieve the goals of IPSP. Subsequently, the paper describes and discusses an approach followed in the implementation of an IPSP system, with emphasis on the implementation of SPP.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
