Security Architecture for the Internet Protocol
01 Aug 1995-Vol. 1825, pp 1-101
TL;DR: This document describes an updated version of the "Security Architecture for IP", which is designed to provide security services for traffic at the IP layer, and obsoletes RFC 2401 (November 1998).
Abstract: This document describes an updated version of the "Security
Architecture for IP", which is designed to provide security services
for traffic at the IP layer. This document obsoletes RFC 2401
(November 1998). [STANDARDS-TRACK]
Citations
More filters
Patent•
21 Jan 2003
TL;DR: In this paper, a secure forwarding of a message from a first computer to a second computer via an intermediate computer in a telecommunication network is described. But the message is forwarded to the second computer, not to the first computer.
Abstract: The method and system enable secure forwarding of a message from a first computer to a second computer via an intermediate computer in a telecommunication network. A message is formed in the first computer or in a computer that is served by the first computer, and in the latter case, sending the message to the first computer. In the first computer, a secure message is then formed by giving the message a unique identity and a destination address. The message is sent from the first computer to the intermediate computer after which the destination address and the unique identity are used to find an address to the second computer. The current destination address is substituted with the found address to the second computer, and the unique identity is substituted with another unique identity. Then the message is forwarded to the second computer.
34 citations
01 Dec 2011
TL;DR: This paper is focused on low voltage network management use cases developed within the context of INTEGRIS and their ICT requirements to test the level of performance provided by the ICT architecture developed in the mentioned project.
Abstract: Real-time low voltage network management is becoming possible thanks to massive smart meter rollouts, integration of them to distribution network management systems and utilization of distributed energy resources in distribution network management Nowadays low voltage network management is emerging by integrating automatic meter infrastructure to centralized systems like SCADA/DMS European project INTEGRIS is proposing a distributed approach based on hybrid and meshed communication The paper is focused on low voltage network management use cases developed within the context of INTEGRIS and their ICT requirements to test the level of performance provided by the ICT architecture developed in the mentioned project
33 citations
TL;DR: A novel hybrid framework for enhanced end-to-end security in the new generation SIP-empowered VoIP environments is developed, based on the introduction of proven technologies such as digital signatures and efficient streamline encryption to enforce calling party identification, privacy, no-replay and non-repudiation throughout the whole IP Telephony system.
33 citations
TL;DR: A deep revision of several security aspects of TLS and PKI, with a particular focus on current certificate pinning solutions in order to illustrate the potential problems that should be addressed in these scenarios.
Abstract: Transport layer security (TLS) is becoming the de facto standard to provide end-to-end security in the current Internet. IoT and M2M scenarios are not an exception since TLS is also being adopted there. The ability of TLS for negotiating any security parameter, its flexibility and extensibility are responsible for its wide adoption but also for several attacks. Moreover, as it relies on public key infrastructure (PKI) for authentication, it is also affected by PKI problems. Considering the advent of IoT/M2M scenarios and their particularities, it is necessary to have a closer look at TLS history to evaluate the potential challenges of using TLS and PKI in these scenarios. According to this, this paper provides a deep revision of several security aspects of TLS and PKI, with a particular focus on current certificate pinning solutions in order to illustrate the potential problems that should be addressed.
33 citations
Patent•
11 Sep 2015TL;DR: In this paper, a delay measurement method for software-defined networking (SDN) systems is described, in which one packet each is received from a first and a second network device, and the time stamps of these packets are recorded in a set of ingress time stamps and egress time stamps respectively.
Abstract: Methods for delay measurement in a software-defined networking (SDN) system are disclosed. In one embodiment, one packet each is received from a first and a second network device. The time stamps of these packets are recorded in a set of ingress time stamps and a set of egress time stamps respectively if the first and second network devices are the ingress and egress network devices of a traffic flow and if both packets include indications for delay measurement. Then the method continues with a delay measure for the traffic flow based on at least the sets of the ingress time stamps and egress time stamps associated with the flow identifier of the traffic flow, and a measurement noise the electronic device obtained from sending measurement packets to the first and second network devices.
33 citations
References
More filters
TL;DR: This paper suggests ways to solve currently open problems in cryptography, and discusses how the theories of communication and computation are beginning to provide the tools to solve cryptographic problems of long standing.
Abstract: Two kinds of contemporary developments in cryptography are examined. Widening applications of teleprocessing have given rise to a need for new types of cryptographic systems, which minimize the need for secure key distribution channels and supply the equivalent of a written signature. This paper suggests ways to solve these currently open problems. It also discusses how the theories of communication and computation are beginning to provide the tools to solve cryptographic problems of long standing.
14,980 citations
01 Mar 1997
TL;DR: This document defines these words as they should be interpreted in IETF documents as well as providing guidelines for authors to incorporate this phrase near the beginning of their document.
Abstract: In many standards track documents several words are used to signify the requirements in the specification. These words are often capitalized. This document defines these words as they should be interpreted in IETF documents. Authors who follow these guidelines should incorporate this phrase near the beginning of their document:
3,501 citations
PARC1
TL;DR: Use of encryption to achieve authenticated communication in computer networks is discussed and example protocols are presented for the establishment of authenticated connections, for the management of authenticated mail, and for signature verification and document integrity guarantee.
Abstract: Use of encryption to achieve authenticated communication in computer networks is discussed. Example protocols are presented for the establishment of authenticated connections, for the management of authenticated mail, and for signature verification and document integrity guarantee. Both conventional and public-key encryption algorithms are considered as the basis for protocols.
2,671 citations
01 Dec 1995
TL;DR: In this paper, the authors specify version 6 of the Internet Protocol (IPv6), also referred to as IP Next Generation or IPng, and propose a new protocol called IPng.
Abstract: This document specifies version 6 of the Internet Protocol (IPv6), also sometimes referred to as IP Next Generation or IPng.
2,112 citations
[...]
01 Sep 1981
TL;DR: Along with TCP, IP represents the heart of the Internet protocols and has two primary responsibilities: providing connectionless, best-effort delivery of datagrams through an internetwork; and providing fragmentation and reassembly of data links to support data links with different maximum transmission unit (MTU) sizes.
Abstract: IP is a network layer (Layer 3) protocol that contains addressing information and some control information that enables packets to be routed. IP is documented in RFC 791 and is the primary network layer protocol in the Internet protocol suite. Along with TCP, IP represents the heart of the Internet protocols. IP has two primary responsibilities: providing connectionless, best-effort delivery of datagrams through an internetwork; and providing fragmentation and reassembly of datagrams to support data links with different maximum transmission unit (MTU) sizes.
1,967 citations