Trusted Security Devices for Bandwidth Conservation in IPSec Environments
نویسندگان
چکیده
Information security a is constant concern of Internet data. One security solution is IPSec, which is a set of protocols that provides both data confidentiality and authenticity. Another concern is the last mile bandwidth limitation on many Internet connections. This problem can be mitigated by bandwidth conservation techniques such as Application Layer and Stealth Multicast (SMC). Combining IPSec and multicast techniques would be ideal, but is not possible due to the nature of encrypted data and the requirements of multicast messages. We present the concept of a Trusted Security Device (TSD) which provides efficient bandwidth usage while maintaining security levels offered by IPSec. A TSD cooperates with clients and servers while implementing SMC technology. Minor modifications to clients and servers are necessary to enable discovery, key exchange, and communication between clients, servers, and TSDs. TSD technology is applicable to streaming data where confidentiality, authentication, and bandwidth conservation are concerns.
منابع مشابه
Performance Evaluation of Secure Data Transmission Mechanism (SDTM) for Cloud Outsourced Data and Transmission Layer Security (TLS)
The Cloud has become a significant topic in computing; however, the trend has established a new range of security issues that need to be addressed. In Cloud, the data and associated software are not under their control. In addition, with the growing demands for Cloud networks communication. With the increasing demand for computer communications the need for security is growing dramatically. The...
متن کاملSecure VPNs for Trusted Computing Environments
Virtual Private Networks are a popular mechanism for building complex network infrastructures. Such infrastructures are usually accompanied by strict administrative restrictions on all VPN endpoints to protect the perimeter of the VPN. However, enforcement of such restrictions becomes difficult if these endpoints are personal computers used for remote VPN access. Commonly employed measures like...
متن کاملVaulted VPN: Compartmented Virtual Private Networks on Trusted Operating SystemsTse-Huong Choo, Hewlett-Packard Laboratories
VPN, virtual vault, IPSec Virtual Private Networks for IPSec based on an intermediate packet-redirector in network-protocol stacks are becoming increasingly common for many standard operating systems and represent a well-understood method for retro-fitting such systems with IPSec support. This report describes how a different design structured around a Trusted Operating System can offer better ...
متن کاملTrusted License Distribution System Based on IPSec VPN for Mobile DRM
With the rapid development of mobile applications, DRM systems used for mobile terminals and wireless environment become popular. However, the present DRM schemes are not fit for mobile applications because of the new security problems in wireless environment and the limitations of mobile terminals. In this paper, a trusted license distribution system based on IPSec VPN and its correlative issu...
متن کاملThe OpenEapSmartcard platform
This paper presents the first javacard platform dedicated to IP (Wireless) LAN security issues. We have defined an open architecture that processes Extensible Authentication Protocol (EAP) in smartcards, which is the standard defined by IETF1 and IEEE-8022 committees for users’ authentication in various network environments like Wi-Fi, WiMax, or IPSEC.3 These tamper resistant devices are genera...
متن کامل