A framework for implementing IPSec functional architecture

We provide a framework for implementing IPSec security services in a well-structured functional architecture based on a layered functional architecture for network security management [1]. The proposed architecture is modular, and supports open standards and interfaces, and implements the security services of IPSec as an integrated solution under a unified security management system.

[1]  Bruce Schneier,et al.  Description of a New Variable-Length Key, 64-bit Block Cipher (Blowfish) , 1993, FSE.

[2]  Hugo Krawczyk,et al.  HMAC: Keyed-Hashing for Message Authentication , 1997, RFC.

[3]  Ronald L. Rivest,et al.  The RC5 Encryption Algorithm , 1994, FSE.

[4]  Whitfield Diffie,et al.  New Directions in Cryptography , 1976, IEEE Trans. Inf. Theory.

[5]  M. Rabin Probabilistic algorithm for testing primality , 1980 .

[6]  Hugo Krawczyk,et al.  A Security Architecture for the Internet Protocol , 1999, IBM Syst. J..

[7]  Ronald L. Rivest,et al.  The MD5 Message-Digest Algorithm , 1992, RFC.

[8]  Xuejia Lai,et al.  Markov Ciphers and Differential Cryptanalysis , 1991, EUROCRYPT.

[9]  William Stallings,et al.  Cryptography and Network Security: Principles and Practice , 1998 .

[10]  Adi Shamir,et al.  A method for obtaining digital signatures and public-key cryptosystems , 1978, CACM.

[11]  William Stallings,et al.  Network Security Essentials: Applications and Standards , 1999 .

[12]  W. Douglas Maughan,et al.  Internet Security Association and Key Management Protocol (ISAKMP) , 1998, RFC.

[13]  Carlisle M. Adams,et al.  The CAST-128 Encryption Algorithm , 1997, RFC.

[14]  Dan Harkins,et al.  The Internet Key Exchange (IKE) , 1998, RFC.

[15]  William Stallings Zhu,et al.  Network Security Essentials : Applications and Standards , 2007 .

[16]  Matti A. Hiltunen,et al.  Building Survivable Services Using Redundancy and Adaptation , 2003, IEEE Trans. Computers.

[17]  James H. Burrows,et al.  Secure Hash Standard , 1995 .

[18]  Stephen T. Kent,et al.  Security Architecture for the Internet Protocol , 1998, RFC.

[19]  Randall J. Atkinson,et al.  IP Encapsulating Security Payload (ESP) , 1995, RFC.

[20]  Gary L. Miller,et al.  Riemann's Hypothesis and tests for primality , 1975, STOC.

[21]  Stephen T. Kent,et al.  IP Authentication Header , 1995, RFC.

[22]  Dan Boneh,et al.  Digital Signature Standard , 2005, Encyclopedia of Cryptography and Security.