Open Access
Security Architecture for the Internet Protocol
R. Atkinson
- Vol. 1825, pp 1-101
Reads0
Chats0
TLDR
This document describes an updated version of the "Security Architecture for IP", which is designed to provide security services for traffic at the IP layer, and obsoletes RFC 2401 (November 1998).Abstract:
This document describes an updated version of the "Security
Architecture for IP", which is designed to provide security services
for traffic at the IP layer. This document obsoletes RFC 2401
(November 1998). [STANDARDS-TRACK]read more
Citations
More filters
Proceedings ArticleDOI
An MBone proxy for an application gateway firewall
K. Djahandari,D.E. Sterne +1 more
TL;DR: The design and rationale for a new set of facilities for the Trusted Information Systems (TIS) Internet Firewall Toolkit (FWTK) significantly reduce the security risks of observing or participating in MBone conferences.
Better-Than-Nothing Security: An Unauthenticated Mode of IPsec
TL;DR: This document specifies how to use the Internet Key Exchange protocols, such as Ikev1 and IKEv2, to setup "unauthenticated" security associations (SAs) for use with the IPsec Encapsulating Security Payload (ESP) and the IP Security Header (AH).
Patent
Real time active network compartmentalization
TL;DR: In this paper, security policy manager devices are leveraged by manager objects to use highly secure user transparent communications to provide detection of questionable activities at every node, automatic collection of information related to any potential attack, isolation of the offending object with arbitrary flexibility of response (e.g. flexibly determining the level of certainty of an attack for initiation of a response in accordance with the number of nodes to be partitioned that is determined by the collected data concerning the potential attack), changing trust relationships between security domains, limiting the attack and launching offensive information warfare capabilities (i.e.
Journal ArticleDOI
Laboratory experiments for network security instruction
TL;DR: A sequence of five experiments on network security that cast students successively in the roles of computer user, programmer, and system administrator are described, suggesting that the experiments are well-suited for introductory security or networking courses.
Journal ArticleDOI
An address autoconfiguration protocol for IPv6 hosts in a mobile ad hoc network
Zhong Fan,Siva Subramani +1 more
TL;DR: This paper proposes an approach to IPv6 address autoconfigureduration in ad hoc networks, where the IPv6 Stateless Address Autoconfiguration Protocol and Neighbour Discovery Protocol are applied to the context of ad hoc Networks.
References
More filters
Journal ArticleDOI
New Directions in Cryptography
TL;DR: This paper suggests ways to solve currently open problems in cryptography, and discusses how the theories of communication and computation are beginning to provide the tools to solve cryptographic problems of long standing.
Key words for use in RFCs to Indicate Requirement Levels
TL;DR: This document defines these words as they should be interpreted in IETF documents as well as providing guidelines for authors to incorporate this phrase near the beginning of their document.
Journal ArticleDOI
Using encryption for authentication in large networks of computers
TL;DR: Use of encryption to achieve authenticated communication in computer networks is discussed and example protocols are presented for the establishment of authenticated connections, for the management of authenticated mail, and for signature verification and document integrity guarantee.
Internet Protocol, Version 6 (IPv6) Specification
S. Deering,R. Hinden +1 more
TL;DR: In this paper, the authors specify version 6 of the Internet Protocol (IPv6), also referred to as IP Next Generation or IPng, and propose a new protocol called IPng.
Internet Protocol
TL;DR: Along with TCP, IP represents the heart of the Internet protocols and has two primary responsibilities: providing connectionless, best-effort delivery of datagrams through an internetwork; and providing fragmentation and reassembly of data links to support data links with different maximum transmission unit (MTU) sizes.