Open Access
Security Architecture for the Internet Protocol
R. Atkinson
- Vol. 1825, pp 1-101
Reads0
Chats0
TLDR
This document describes an updated version of the "Security Architecture for IP", which is designed to provide security services for traffic at the IP layer, and obsoletes RFC 2401 (November 1998).Abstract:
This document describes an updated version of the "Security
Architecture for IP", which is designed to provide security services
for traffic at the IP layer. This document obsoletes RFC 2401
(November 1998). [STANDARDS-TRACK]read more
Citations
More filters
Proceedings Article
The case for ubiquitous transport-level encryption
TL;DR: Tcpcrypt is a TCP extension designed to make end-to-end encryption of TCP traffic the default, not the exception, and provides backwards compatibility with legacy TCP stacks and middle-boxes, and minimizes the cost of key negotiation on servers.
Journal ArticleDOI
A multilayer IP security protocol for TCP performance enhancement in wireless networks
TL;DR: This paper analyzes the fundamental problem behind this conflict and develops a solution called multilayer IP-security (ML-IPsec), which allows wireless network operators or service providers to grant limited and controllable access to the TCP headers for performance enhancement purposes.
Patent
System and method employing an agile network protocol for secure communications using secure domain names
TL;DR: In this paper, a system for connecting a first network device and a second network device includes one or more servers, which are configured to: (a) receive, from the first device, a request to look up a network address of the second device based on an identifier associated with the second one; (b) determine, in response to the request, whether the second node is available for a secure communications service; and (c) initiate a virtual private network communication link between the node and the node based on a determination that the node is not available for the secure communication service
Proceedings ArticleDOI
Variable and scalable security: protection of location information in mobile IP
TL;DR: The nondisclosure method (NDM) is presented as a way to provide the user with variable and scalable security and privacy and exemplarily demonstrates the applicability of NDM in an existing network by presenting an upward compatible protocol extension to the Internet protocol (IP), the secure IP in IP protocol.
Journal ArticleDOI
Keeping Denial-of-Service Attackers in the Dark
TL;DR: A protocol is shown that mitigates DoS attacks by adversaries that can eavesdrop and (with some delay) adapt their attacks accordingly and provides effective DoS prevention for realistic attack and deployment scenarios.
References
More filters
Journal ArticleDOI
New Directions in Cryptography
TL;DR: This paper suggests ways to solve currently open problems in cryptography, and discusses how the theories of communication and computation are beginning to provide the tools to solve cryptographic problems of long standing.
Key words for use in RFCs to Indicate Requirement Levels
TL;DR: This document defines these words as they should be interpreted in IETF documents as well as providing guidelines for authors to incorporate this phrase near the beginning of their document.
Journal ArticleDOI
Using encryption for authentication in large networks of computers
TL;DR: Use of encryption to achieve authenticated communication in computer networks is discussed and example protocols are presented for the establishment of authenticated connections, for the management of authenticated mail, and for signature verification and document integrity guarantee.
Internet Protocol, Version 6 (IPv6) Specification
S. Deering,R. Hinden +1 more
TL;DR: In this paper, the authors specify version 6 of the Internet Protocol (IPv6), also referred to as IP Next Generation or IPng, and propose a new protocol called IPng.
Internet Protocol
TL;DR: Along with TCP, IP represents the heart of the Internet protocols and has two primary responsibilities: providing connectionless, best-effort delivery of datagrams through an internetwork; and providing fragmentation and reassembly of data links to support data links with different maximum transmission unit (MTU) sizes.