NETWORK SECURITY AND PERFORMANCE EVALUATION OF ML- IPsec OVER SATELLITE NETWORKS
نویسندگان
چکیده
The peculiar characteristics of the satellite links affect performance of the TCP protocol, largely used by most of the Internet applications. Then, to achieve good performance TCP Performance Enhancing Proxy mechanisms are often used. In principle, a TCP PEP mechanism accelerates TCP transfers requiring access to TCP headers in intermediate nodes. As a drawback, this conflicts with IPsec, which requires end to end semantic be respected. ML-IPsec has been identified as a suitable trade-off solution which can mitigate such a conflict. This paper addresses security issues for satellite systems highlighting the need to guarantee both security and performance. Finally, performance of different security schemes, carried out through simulations, are shown.
منابع مشابه
Securing Satellite Communications
This paper presents securing satellite communications using link level security (such as ATM security) or network level security (such as IPSEC), where both can be applied to military satellite communications. The paper examines the topic of securing very large multicast groups over satellites, where the group size and group dynamics have great impact on networks performance and network security.
متن کاملMultilayer IPSec (ML-IPSec) Protocol Design for improved security performance over satellites
There are a variety of satellite applications that require application intelligence at intermediate devices for their proper functioning e.g. satellite networks using (Performance Enhancing Proxies, PEPs), real time streaming applications like SIP, H.323 and peer-to-peer applications. Interworking between PEPs and security system has been researched in the past. Multi-layer IPSec (ML-IPSec) res...
متن کاملDesign and Performance Analysis of CZML-IPSec for Satellite IP Networks
This paper analyzes the conflict between performance enhancing technology and IPSec in satellite IP networks, and proposes a solution called multilayer IP security with changeable zone (CZML-IPSec). It enables licensed intermediate nodes not only access TCP header, but also object links of upper layer in the form of HTML by converting static zone mapping to changeable dynamic mapping and buildi...
متن کاملKey management and multi-layer IPSEC for satellite multicast
Satellites are also ideally suited for delivery of multicast applications. However secure multicast over satellites is a challenging problem. One important step toward the correct solution for end-to-end security is the integration of security architectures between satellites and IP terrestrial networks. This paper presents a secure group management and key distribution architecture based on th...
متن کاملPerformance Analysis of IP Security VPN
Internet Protocol Security (IPSec) is a protocol suite for securing Internet Protocol (IP) communications by authenticating and encrypting each IP packet of a data stream. . IPSec architecture requires the host to provide confidentiality using Encapsulating Security Payload and data integrity using either Authentication Header or Encapsulating Security Payload and anti-replay protection. IPSec ...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
دوره شماره
صفحات -
تاریخ انتشار 2006