scispace - formally typeset
Search or ask a question

Security Architecture for the Internet Protocol

01 Aug 1995-Vol. 1825, pp 1-101
TL;DR: This document describes an updated version of the "Security Architecture for IP", which is designed to provide security services for traffic at the IP layer, and obsoletes RFC 2401 (November 1998).
Abstract: This document describes an updated version of the "Security Architecture for IP", which is designed to provide security services for traffic at the IP layer. This document obsoletes RFC 2401 (November 1998). [STANDARDS-TRACK]

Content maybe subject to copyright    Report

Citations
More filters
Journal ArticleDOI
TL;DR: This paper aims to provide a comprehensive survey on UWAN security by first discussing the fundamental of network security in general and the main UWANsecurity threats faced by the physical layer to the transport layer, and reviewing countermeasure schemes against the typical UWANSecurity threats.
Abstract: Underwater acoustic networks (UWANs) are often deployed in unattended and untransparent or even hostile environments and face many security threats, while many applications based on UWANs require secure communication, such as costal defense, submarine communication and harbor security. Peculiar features of UWANs such as very constrained resources pose big challenges in defending UWANs against security threats, and many research results are published to address these issues along with several brief surveys available in the literature. This paper aims to provide a comprehensive survey on UWAN security by first discussing the fundamental of network security in general and the main UWAN security threats faced by the physical layer to the transport layer. Then the paper reviews countermeasure schemes against the typical UWAN security threats, securing UWAN protocols and cryptographic primitives designed for UWANs as well as UWAN security structures that address several security issues systematically. The research of UWAN security is still in an early stage, and the paper discusses several important issues necessarily for further studies at the end.

76 citations

01 Jan 2006
TL;DR: A preliminary description of RNA is provided, its rationale, and discusses its features and challenges to encourage cleaner cross-layer interaction and to support dynamic service composition.
Abstract: The Recursive Network Architecture (RNA) explores the relationship of layering to protocol and network architecture. RNA examines the implications of using a single, tunable protocol for different layers of the protocol stack, reusing basic protocol operations across different protocol layers to avoid reimplementation. Its primary goal is to encourage cleaner cross-layer interaction and to support dynamic service composition, and to gain an understanding of how layering affects architecture. This document provides a preliminary description of RNA, its rationale, and discusses its features and challenges.

76 citations

Proceedings ArticleDOI
02 Apr 2003
TL;DR: Two transition mechanisms, namely 6-over-4, and IPv6 in IPv4 tunneling, are examined and empirically evaluated, as they relate to the performance of IPv6.
Abstract: The next-generation Internet protocol, initially known as IP next generation (IPng), and then later IPv6, has been developed by the Internet Engineering Task Force (IETF) to replace the current Internet protocol (also known as IPv4). To enable the integration of IPv6 into current networks, several transition mechanisms have been proposed by the IETF IPng Transition Working Group. Two transition mechanisms are examined and empirically evaluated, namely 6-over-4, and IPv6 in IPv4 tunneling, as they relate to the performance of IPv6. The impact of these approaches are explored on end-to-end user application performance using metrics such as throughput, latency, host CPU utilization, TCP connection time, and the number of TCP connections per second that a client can establish with a remote server. All experiments were conducted using two duals stack (IPv4/IPv6) routers and two end-stations running Windows 2000, loaded with a dual IPv4/IPv6 stack.

76 citations

Proceedings ArticleDOI
Steven M. Bellovin1
06 Dec 2004
TL;DR: It is instructive to look back at that paper on security problems in the TCP/IP protocol suite, to see where my focus and my predictions were accurate, where I was wrong, and where dangers have yet to happen.
Abstract: About fifteen years ago, I wrote a paper on security problems in the TCP/IP protocol suite, In particular, I focused on protocol-level issues, rather than implementation flaws. It is instructive to look back at that paper, to see where my focus and my predictions were accurate, where I was wrong, and where dangers have yet to happen. This is a reprint of the original paper, with added commentary.

76 citations


Cites background from "Security Architecture for the Inter..."

  • ...But Blacker was obsolescent even as I wrote the original paper; SP3—the ancestor of IPsec [57] —was being defined as part of the Secure Data Network System....

    [...]

Journal ArticleDOI
Refik Molva1
TL;DR: The IPsec architecture including security protocols in the Internet Layer and the related key management proposals are introduced, and the transport layer security protocol and security issues in the network control and management are presented.

75 citations

References
More filters
Journal ArticleDOI
TL;DR: This paper suggests ways to solve currently open problems in cryptography, and discusses how the theories of communication and computation are beginning to provide the tools to solve cryptographic problems of long standing.
Abstract: Two kinds of contemporary developments in cryptography are examined. Widening applications of teleprocessing have given rise to a need for new types of cryptographic systems, which minimize the need for secure key distribution channels and supply the equivalent of a written signature. This paper suggests ways to solve these currently open problems. It also discusses how the theories of communication and computation are beginning to provide the tools to solve cryptographic problems of long standing.

14,980 citations

01 Mar 1997
TL;DR: This document defines these words as they should be interpreted in IETF documents as well as providing guidelines for authors to incorporate this phrase near the beginning of their document.
Abstract: In many standards track documents several words are used to signify the requirements in the specification. These words are often capitalized. This document defines these words as they should be interpreted in IETF documents. Authors who follow these guidelines should incorporate this phrase near the beginning of their document:

3,501 citations

Journal ArticleDOI
TL;DR: Use of encryption to achieve authenticated communication in computer networks is discussed and example protocols are presented for the establishment of authenticated connections, for the management of authenticated mail, and for signature verification and document integrity guarantee.
Abstract: Use of encryption to achieve authenticated communication in computer networks is discussed. Example protocols are presented for the establishment of authenticated connections, for the management of authenticated mail, and for signature verification and document integrity guarantee. Both conventional and public-key encryption algorithms are considered as the basis for protocols.

2,671 citations

01 Dec 1995
TL;DR: In this paper, the authors specify version 6 of the Internet Protocol (IPv6), also referred to as IP Next Generation or IPng, and propose a new protocol called IPng.
Abstract: This document specifies version 6 of the Internet Protocol (IPv6), also sometimes referred to as IP Next Generation or IPng.

2,112 citations

01 Sep 1981
TL;DR: Along with TCP, IP represents the heart of the Internet protocols and has two primary responsibilities: providing connectionless, best-effort delivery of datagrams through an internetwork; and providing fragmentation and reassembly of data links to support data links with different maximum transmission unit (MTU) sizes.
Abstract: IP is a network layer (Layer 3) protocol that contains addressing information and some control information that enables packets to be routed. IP is documented in RFC 791 and is the primary network layer protocol in the Internet protocol suite. Along with TCP, IP represents the heart of the Internet protocols. IP has two primary responsibilities: providing connectionless, best-effort delivery of datagrams through an internetwork; and providing fragmentation and reassembly of datagrams to support data links with different maximum transmission unit (MTU) sizes.

1,967 citations