Security Architecture for the Internet Protocol
01 Aug 1995-Vol. 1825, pp 1-101
TL;DR: This document describes an updated version of the "Security Architecture for IP", which is designed to provide security services for traffic at the IP layer, and obsoletes RFC 2401 (November 1998).
Abstract: This document describes an updated version of the "Security
Architecture for IP", which is designed to provide security services
for traffic at the IP layer. This document obsoletes RFC 2401
(November 1998). [STANDARDS-TRACK]
Citations
More filters
29 May 2013
TL;DR: The EV-specific components and their control, considering the battery, electric motor, and electric powertrain are introduced and how middleware and verification techniques can help to reduce the design and test complexity are shown.
Abstract: This paper gives an overview of the system architecture and software design challenges for Electric Vehicles (EVs). First, we introduce the EV-specific components and their control, considering the battery, electric motor, and electric powertrain. Moreover, technologies that will help to advance safety and energy efficiency of EVs such as drive-by-wire and information systems are discussed. Regarding the system architecture, we present challenges in the domain of communication and computation platforms. A paradigm shift towards time-triggered in-vehicle communication systems becomes inevitable for the sake of determinism, making the introduction of new bus systems and protocols necessary. At the same time, novel computational devices promise high processing power at low cost which will make a reduction in the number of Electronic Control Units (ECUs) possible. As a result, the software design has to be performed in a holistic manner, considering the controlled component while transparently abstracting the underlying hardware architecture. For this purpose, we show how middleware and verification techniques can help to reduce the design and test complexity. At the same time, with the growing connectivity of EVs, security has to become a major design objective, considering possible threats and a security-aware design as discussed in this paper.
44 citations
Patent•
27 Jun 1997TL;DR: In this paper, a user-held table indicating correspondence between repeaters and passwords, a repeater-held access region table indicating access regions for users, departments of users and official positions of users, and a route control information storing table indicating correspondences between networks and next transmitting destination is also provided to execute the access control for each user.
Abstract: In view of providing a network system enabling communication having passed fire walls (repeaters) and assuring high security and operation flexibility through access control based on users and applications, a user-held table indicating correspondence between repeaters and passwords, a repeater-held table indicating correspondence between users and passwords and a table indicating access regions are defined respectively for users, departments of users and official positions of users and a route control information storing table indicating correspondence between networks and next transmitting destination is also provided to execute the access control for each user. Moreover, the repeater is provided with the repeating route control table so that a repeater located in the course of route to the transmitting destination computer and allowing communication from the transmitting side computer is selected from the data repeating control table and the process for requesting the repeating operation of communication with the destination is executed to the selected repeater.
43 citations
30 Aug 2004
TL;DR: This paper proposes a complementary methodology, motivated by the view that evolution and interworking flexibility are determined not so much by the principles applied during initial design, but by the choice of fundamental components or "design invariants" in terms of which the design is expressed.
Abstract: The first age of Internet architectural thinking concentrated on defining the correct principles for designing a packet-switched network and its application protocol suites. Although these same principles remain valid today, they do not address the question of how to reason about the evolution of the Internet or its interworking with other networks of very different heritages. This paper proposes a complementary methodology, motivated by the view that evolution and interworking flexibility are determined not so much by the principles applied during initial design, but by the choice of fundamental components or "design invariants" in terms of which the design is expressed. The paper discusses the characteristics of such invariants, including examples from the Internet and other networks, and considers what attributes of invariants best support architectural flexibility.
43 citations
Cites background from "Security Architecture for the Inter..."
...In the Internet, IPv4 addresses are still frequently used by various security mechanisms, such as in IPsec [13]....
[...]
...Examples include firewalls, the IP security architecture [13], queue management disciplines and network management systems....
[...]
[...]
17 Nov 2008
TL;DR: The prototype extends the Click modular router with control capabilities including dynamic composition and discovery that are used to demonstrate simple but flexible stacks of instances of a metaprotocol that are customizable at runtime.
Abstract: The recursive network architecture (RNA) explores the relationship of layering to protocol and network architecture. RNA examines the implications of using a single, tunable protocol, called a metaprotocol, for different layers of the protocol stack, reusing basic protocol operations across different protocol layers to avoid reimplementation. Its primary goal is to encourage cleaner cross-layer interaction, to support dynamic service composition, and to gain an understanding of how layering affects architecture. This paper provides a description of RNA and a recently completed initial prototype. The prototype extends the Click modular router with control capabilities including dynamic composition and discovery. These capabilities are used to demonstrate simple but flexible stacks of instances of a metaprotocol that are customizable at runtime.
43 citations
Proceedings Article•
01 Jan 2001
43 citations
References
More filters
TL;DR: This paper suggests ways to solve currently open problems in cryptography, and discusses how the theories of communication and computation are beginning to provide the tools to solve cryptographic problems of long standing.
Abstract: Two kinds of contemporary developments in cryptography are examined. Widening applications of teleprocessing have given rise to a need for new types of cryptographic systems, which minimize the need for secure key distribution channels and supply the equivalent of a written signature. This paper suggests ways to solve these currently open problems. It also discusses how the theories of communication and computation are beginning to provide the tools to solve cryptographic problems of long standing.
14,980 citations
01 Mar 1997
TL;DR: This document defines these words as they should be interpreted in IETF documents as well as providing guidelines for authors to incorporate this phrase near the beginning of their document.
Abstract: In many standards track documents several words are used to signify the requirements in the specification. These words are often capitalized. This document defines these words as they should be interpreted in IETF documents. Authors who follow these guidelines should incorporate this phrase near the beginning of their document:
3,501 citations
PARC1
TL;DR: Use of encryption to achieve authenticated communication in computer networks is discussed and example protocols are presented for the establishment of authenticated connections, for the management of authenticated mail, and for signature verification and document integrity guarantee.
Abstract: Use of encryption to achieve authenticated communication in computer networks is discussed. Example protocols are presented for the establishment of authenticated connections, for the management of authenticated mail, and for signature verification and document integrity guarantee. Both conventional and public-key encryption algorithms are considered as the basis for protocols.
2,671 citations
01 Dec 1995
TL;DR: In this paper, the authors specify version 6 of the Internet Protocol (IPv6), also referred to as IP Next Generation or IPng, and propose a new protocol called IPng.
Abstract: This document specifies version 6 of the Internet Protocol (IPv6), also sometimes referred to as IP Next Generation or IPng.
2,112 citations
[...]
01 Sep 1981
TL;DR: Along with TCP, IP represents the heart of the Internet protocols and has two primary responsibilities: providing connectionless, best-effort delivery of datagrams through an internetwork; and providing fragmentation and reassembly of data links to support data links with different maximum transmission unit (MTU) sizes.
Abstract: IP is a network layer (Layer 3) protocol that contains addressing information and some control information that enables packets to be routed. IP is documented in RFC 791 and is the primary network layer protocol in the Internet protocol suite. Along with TCP, IP represents the heart of the Internet protocols. IP has two primary responsibilities: providing connectionless, best-effort delivery of datagrams through an internetwork; and providing fragmentation and reassembly of datagrams to support data links with different maximum transmission unit (MTU) sizes.
1,967 citations