Security Architecture for the Internet Protocol
01 Aug 1995-Vol. 1825, pp 1-101
TL;DR: This document describes an updated version of the "Security Architecture for IP", which is designed to provide security services for traffic at the IP layer, and obsoletes RFC 2401 (November 1998).
Abstract: This document describes an updated version of the "Security
Architecture for IP", which is designed to provide security services
for traffic at the IP layer. This document obsoletes RFC 2401
(November 1998). [STANDARDS-TRACK]
Citations
More filters
TL;DR: This paper examines strategies for implementing and operating IP routing effectively within satellite constellation networks, given known constraints on the constellation resulting from satellite mobility, global visibility, routing and addressing.
Abstract: This paper examines strategies for implementing and operating IP routing effectively within satellite constellation networks, given known constraints on the constellation resulting from satellite mobility, global visibility, routing and addressing.
164 citations
Proceedings Article•
01 Jan 2000
TL;DR: Examining interoperability, the efficacy of the S-BGP countermeasures in securing BGP control traffic, and their impact on BGP performance, and thus evaluating the feasibility of deployment in the Internet are described.
Abstract: The Border Gateway Protocol (BGP), which is used to distribute routing information between autonomous systems, is an important component of the Internet’s routing infrastructure. Secure BGP (S-BGP) addresses critical BGP vulnerabilities by providing a scalable means of verifying the authenticity and authorization of BGP control traffic. To facilitate widespread adoption, S-BGP must avoid introducing undue overhead (processing, bandwidth, storage) and must be incrementally deployable, i.e., interoperable with BGP. To provide a proof of concept demonstration, we developed a prototype implementation of S-BGP and deployed it in DARPA’s CAIRN testbed. Real Internet BGP traffic was fed to the testbed routers via replay of a recorded BGP peering session with an ISP’s BGP router. This document describes the results of these experiments ‐ examining interoperability, the efficacy of the S-BGP countermeasures in securing BGP control traffic, and their impact on BGP performance, and thus evaluating the feasibility of deployment in the Internet.
164 citations
01 Jan 2000
TL;DR: A secure, scalable, deployable architecture (S-BGP) for an authorization and authentication system that addresses most of the security problems associated with BGP is described.
Abstract: The Border Gateway Protocol (BGP), which is used to distribute routing information between autonomous systems (ASes), is a critical component of the Internet's routing infrastructure. It is highly vulnerable to a variety of malicious attacks, due to the lack of a secure means of verifying the authenticity and legitimacy of BGP control traffic. This document describes a secure, scalable, deployable architecture (S-BGP) for an authorization and authentication system that addresses most of the security problems associated with BGP. The paper discusses the vulnerabilities and security requirements associated with BGP, describes the S-BGP countermeasures, and explains how they address these vulnerabilities and requirements. In addition, this paper provides a comparison of this architecture with other approaches that have been proposed, analyzes the performance implications of the proposed countermeasures, and addresses operational issues.
164 citations
Patent•
01 Apr 2014TL;DR: In this article, an on-board unit (OBU) in communication with an internal subsystem in a vehicle on at least one Ethernet network and a node on a wireless network is described.
Abstract: A system includes an on-board unit (OBU) in communication with an internal subsystem in a vehicle on at least one Ethernet network and a node on a wireless network. A method in one embodiment includes receiving a message on the Ethernet network in the vehicle, encapsulating the message to facilitate translation to Ethernet protocol if the message is not in Ethernet protocol, and transmitting the message in Ethernet protocol to its destination. Certain embodiments include optimizing data transmission over the wireless network using redundancy caches, dictionaries, object contexts databases, speech templates and protocol header templates, and cross layer optimization of data flow from a receiver to a sender over a TCP connection. Certain embodiments also include dynamically identifying and selecting an operating frequency with least interference for data transmission over the wireless network.
164 citations
Patent•
30 Mar 2011
TL;DR: In this article, a 3D mobile user interface with configurable workspace management is described, where the user can customize or create a unique, nonmutually exclusive grouping, aggregation, or category of applications, services, accounts, or items.
Abstract: Systems and methods of a 3D mobile user interface with configurable workspace management are disclosed. In one aspect, embodiments of the present disclosure include a method, which may be implemented on a system, of a three-dimensional, multi-layer user interface of a mobile device in a mobile network. User environment may include one or more layers or levels of applications, services, or accounts that are all easily accessible to and navigable by the user. For example, an indicator can be used to access a workspace in 3D representing a category or grouping of services or applications for the user. The user can customize or create a unique, non-mutually exclusive grouping, aggregation, or category of applications, services, accounts, or items. The grouping of indicators can be used to swiftly and efficiently navigate to a desired application, service, account or item, in a 3D-enabled user environment.
163 citations
References
More filters
TL;DR: This paper suggests ways to solve currently open problems in cryptography, and discusses how the theories of communication and computation are beginning to provide the tools to solve cryptographic problems of long standing.
Abstract: Two kinds of contemporary developments in cryptography are examined. Widening applications of teleprocessing have given rise to a need for new types of cryptographic systems, which minimize the need for secure key distribution channels and supply the equivalent of a written signature. This paper suggests ways to solve these currently open problems. It also discusses how the theories of communication and computation are beginning to provide the tools to solve cryptographic problems of long standing.
14,980 citations
01 Mar 1997
TL;DR: This document defines these words as they should be interpreted in IETF documents as well as providing guidelines for authors to incorporate this phrase near the beginning of their document.
Abstract: In many standards track documents several words are used to signify the requirements in the specification. These words are often capitalized. This document defines these words as they should be interpreted in IETF documents. Authors who follow these guidelines should incorporate this phrase near the beginning of their document:
3,501 citations
PARC1
TL;DR: Use of encryption to achieve authenticated communication in computer networks is discussed and example protocols are presented for the establishment of authenticated connections, for the management of authenticated mail, and for signature verification and document integrity guarantee.
Abstract: Use of encryption to achieve authenticated communication in computer networks is discussed. Example protocols are presented for the establishment of authenticated connections, for the management of authenticated mail, and for signature verification and document integrity guarantee. Both conventional and public-key encryption algorithms are considered as the basis for protocols.
2,671 citations
01 Dec 1995
TL;DR: In this paper, the authors specify version 6 of the Internet Protocol (IPv6), also referred to as IP Next Generation or IPng, and propose a new protocol called IPng.
Abstract: This document specifies version 6 of the Internet Protocol (IPv6), also sometimes referred to as IP Next Generation or IPng.
2,112 citations
[...]
01 Sep 1981
TL;DR: Along with TCP, IP represents the heart of the Internet protocols and has two primary responsibilities: providing connectionless, best-effort delivery of datagrams through an internetwork; and providing fragmentation and reassembly of data links to support data links with different maximum transmission unit (MTU) sizes.
Abstract: IP is a network layer (Layer 3) protocol that contains addressing information and some control information that enables packets to be routed. IP is documented in RFC 791 and is the primary network layer protocol in the Internet protocol suite. Along with TCP, IP represents the heart of the Internet protocols. IP has two primary responsibilities: providing connectionless, best-effort delivery of datagrams through an internetwork; and providing fragmentation and reassembly of datagrams to support data links with different maximum transmission unit (MTU) sizes.
1,967 citations