Security Architecture for the Internet Protocol
01 Aug 1995-Vol. 1825, pp 1-101
TL;DR: This document describes an updated version of the "Security Architecture for IP", which is designed to provide security services for traffic at the IP layer, and obsoletes RFC 2401 (November 1998).
Abstract: This document describes an updated version of the "Security
Architecture for IP", which is designed to provide security services
for traffic at the IP layer. This document obsoletes RFC 2401
(November 1998). [STANDARDS-TRACK]
Citations
More filters
Book•
01 Jan 2007
TL;DR: Cryptography and Security Devices: Mechanisms and Applications addresses cryptography from the perspective of the security services and mechanisms available to implement these services: discussing issues such as e-mail security, public-key architecture, virtual private networks, Web services security, wireless security, and the confidentiality and integrity of security services.
Abstract: Today's information technology and security networks demand increasingly complex algorithms and cryptographic systems. Individuals implementing security policies for their companies must utilize technical skill and information technology knowledge to implement these security mechanisms. Cryptography and Security Devices: Mechanisms and Applications addresses cryptography from the perspective of the security services and mechanisms available to implement these services: discussing issues such as e-mail security, public-key architecture, virtual private networks, Web services security, wireless security, and the confidentiality and integrity of security services. This book provides scholars and practitioners in the field of information assurance working knowledge of fundamental encryption algorithms and systems supported in information technology and secure communication networks.
66 citations
TL;DR: Looking ahead, these provider-provisioned and managed VPNs are intended to emulate whatever local- or wide-area network connectivity customers desire.
Abstract: Virtual private networks (VPNs) are discrete network entities configured and operated over a shared network infrastructure. An intranet is a VPN in which all the sites (the customer locations that are part of a VPN) belong to a single organization. An extranet is a VPN with two or more organizations wishing to share (some) information. In the business world, VPNs let corporate locations share information over the Internet. VPN technology is being extended to the home office, providing telecommuters with the networking security and performance commensurate with that available at the office. Service providers are looking at their geographic footprints and their network routing expertise to create and deliver new revenue-generating VPN services. Looking ahead, these provider-provisioned and managed VPNs are intended to emulate whatever local- or wide-area network connectivity customers desire.
66 citations
Patent•
01 Nov 2011
TL;DR: In this paper, a cache defeat detection system and methods for caching of content addressed by identifiers intended to defeat cache are further disclosed, which includes a system for optimizing resources in a mobile network, by for example performing one or more of, identifying a parameter in an identifier used in multiple polling requests to a given content source; means for, detecting that the parameter in the identifier changes for each of the polling requests; determining whether responses received from the given content sources are the same for each voting requests; and/or caching the responses on the mobile device in response to determining that the
Abstract: Systems and methods for cache defeat detection are disclosed. Moreover, systems and methods for caching of content addressed by identifiers intended to defeat cache are further disclosed. In one aspect, embodiments of the present disclosure include a system for optimizing resources in a mobile network, by for example performing one or more of, identifying a parameter in an identifier used in multiple polling requests to a given content source; means for, detecting that the parameter in the identifier changes for each of the polling requests; determining whether responses received from the given content source are the same for each of the multiple polling requests; and/or caching the responses on the mobile device in response to determining that the responses received for the given content source are the same.
65 citations
TL;DR: This validation considers the development of two ITS applications using CAM and DENM functionalities for tracking vehicles and disseminating traffic incidences and demonstrates both facilities to be able to offer all the necessary functionality for the study case.
Abstract: The Cooperative Awareness Basic Service and Decentralized Environmental Notification Basic Service have been standardized by the European Telecommunications Standards Institute (ETSI) to support vehicular safety and traffic efficiency applications needing continuous status information about surrounding vehicles and asynchronous notification of events, respectively. These standard specifications detail not only the packet formats for both the Cooperative Awareness Message (CAM) and Decentralized Environmental Notification Message (DENM), but also the general message dissemination rules. These basic services, also known as facilities, have been developed as part of a set of standards in which both ISO and ETSI describe the Reference Communication Architecture for future Intelligent Transportation Systems (ITS). By using a communications stack that instantiates this reference architecture, this paper puts in practice the usage of both facilities in a real vehicular scenario. This research work details implementation decisions and evaluates the performance of CAM and DENM facilities through a experimental testbed deployed in a semi-urban environment that uses IEEE 802.11p (ETSI G5-compliant), which is a WiFi-like communication technology conceived for vehicular communications. On the one hand, this validation considers the development of two ITS applications using CAM and DENM functionalities for tracking vehicles and disseminating traffic incidences. In this case, CAM and DENM have demonstrated to be able to offer all the necessary functionality for the study case. On the other hand, both facilities have been also validated in a extensive testing campaign in order to analyze the influence in CAM and DENM performance of aspects such as vehicle speed, signal quality or message dissemination rules. In these tests, the line of sight, equipment installation point and hardware capabilities, have been found as key variables in the network performance, while the vehicle speed has implied a slight impact.
65 citations
Patent•
19 Nov 2009
TL;DR: In this paper, the authors propose a method for detecting removable media devices coupled to a digital device, authenticating a password to access the removable media device, injecting redirection code into the digital device and intercepting a request for data, determining to allow the request based on a security policy, and providing the data based on the determination.
Abstract: In various embodiments, a method comprises detecting a removable media device coupled to a digital device, authenticating a password to access the removable media device, injecting redirection code into the digital device, intercepting, with the redirection code, a request for data, determining to allow the request for data based on a security policy, and providing the data based on the determination. The method may further comprise selecting the security policy from a plurality of security policies based, at least in part, on the password and/or filtering the content of the requested data. Filtering the content may comprise scanning the data for malware. Filtering the content may also comprise scanning the data for confidential information.
64 citations
References
More filters
TL;DR: This paper suggests ways to solve currently open problems in cryptography, and discusses how the theories of communication and computation are beginning to provide the tools to solve cryptographic problems of long standing.
Abstract: Two kinds of contemporary developments in cryptography are examined. Widening applications of teleprocessing have given rise to a need for new types of cryptographic systems, which minimize the need for secure key distribution channels and supply the equivalent of a written signature. This paper suggests ways to solve these currently open problems. It also discusses how the theories of communication and computation are beginning to provide the tools to solve cryptographic problems of long standing.
14,980 citations
01 Mar 1997
TL;DR: This document defines these words as they should be interpreted in IETF documents as well as providing guidelines for authors to incorporate this phrase near the beginning of their document.
Abstract: In many standards track documents several words are used to signify the requirements in the specification. These words are often capitalized. This document defines these words as they should be interpreted in IETF documents. Authors who follow these guidelines should incorporate this phrase near the beginning of their document:
3,501 citations
PARC1
TL;DR: Use of encryption to achieve authenticated communication in computer networks is discussed and example protocols are presented for the establishment of authenticated connections, for the management of authenticated mail, and for signature verification and document integrity guarantee.
Abstract: Use of encryption to achieve authenticated communication in computer networks is discussed. Example protocols are presented for the establishment of authenticated connections, for the management of authenticated mail, and for signature verification and document integrity guarantee. Both conventional and public-key encryption algorithms are considered as the basis for protocols.
2,671 citations
01 Dec 1995
TL;DR: In this paper, the authors specify version 6 of the Internet Protocol (IPv6), also referred to as IP Next Generation or IPng, and propose a new protocol called IPng.
Abstract: This document specifies version 6 of the Internet Protocol (IPv6), also sometimes referred to as IP Next Generation or IPng.
2,112 citations
[...]
01 Sep 1981
TL;DR: Along with TCP, IP represents the heart of the Internet protocols and has two primary responsibilities: providing connectionless, best-effort delivery of datagrams through an internetwork; and providing fragmentation and reassembly of data links to support data links with different maximum transmission unit (MTU) sizes.
Abstract: IP is a network layer (Layer 3) protocol that contains addressing information and some control information that enables packets to be routed. IP is documented in RFC 791 and is the primary network layer protocol in the Internet protocol suite. Along with TCP, IP represents the heart of the Internet protocols. IP has two primary responsibilities: providing connectionless, best-effort delivery of datagrams through an internetwork; and providing fragmentation and reassembly of datagrams to support data links with different maximum transmission unit (MTU) sizes.
1,967 citations