Network Security Essentials: Fourth Edition by William Stallings
Lecture slides by Lawrie Brown
Chapter 8 IP Security
If a secret piece of news is divulged by a spy before the time is ripe, he must be put to death, together with the man to whom the secret was told.
The Art of War, Sun Tzu
IP Security
IP Security
general
IP Security mechanisms
provides
authentication
confidentiality
key management
applicable
IP Security Uses
Benefits of IPSec
IP Security Architecture
specification
Architecture
RFC4301 Security Architecture for Internet Protocol
Cryptographic algorithms
Other
IPSec Services
Access control
Connectionless integrity
Data origin authentication
Rejection of replayed packets
Confidentiality (encryption)
Limited traffic flow confidentiality
Tunnel
Mode
Mode
Transport and Tunnel Modes
Transport and Tunnel Mode Protocols
Security Associations
Encapsulating Security Payload
ESP
ESP
Anti-Replay Service
replay
receiver
Combining Security Associations
SAs
combining
Combining Security Associations
manual key management
automated key management
Oakley
ISAKMP
Internet
IKEv2 Exchanges
ISAKMP
payload
Cryptographic Suites
variety
Summary
have
considered: