Demystifying the IPsec puzzle /

Bibliographic Details
Classification: Electronic Book
Main author: Frankel, Sheila
Format: Electronic eBook
Language: English
Published: Boston, MA : Artech House, 2001.
Series: Artech House computer security series.
Subjects:
Online access: Full text
Table of Contents:
  • Contents vii
  • Preface xvii
  • 1 Introduction 1
  • 1.1 The TCP/IP Protocol Stack 5
  • 1.2 Introducing IPsec 12
  • 1.3 Summary 13
  • 1.4 Further Reading 14
  • References 14
  • 2 The First Puzzle Piece: The Authentication Header 15
  • 2.1 Protections Provided by AH 15
  • 2.2 Security Associations and the Security Parameters Index 16
  • 2.3 AH Format 19
  • 2.4 AH Location 20
  • 2.5 AH Modes 21
  • 2.6 Nested Headers 22
  • 2.7 Implementing IPsec Header Processing 23
  • 2.8 AH Processing for Outbound Messages 25
  • 2.9 AH Processing for Inbound Messages 30
  • 2.10 Complications 32
  • 2.11 Auditing 35
  • 2.12 Threat Mitigation 37
  • 2.13 Summary 37
  • 2.14 Further Reading 38
  • References 38
  • 3 The Second Puzzle Piece: The Encapsulating Security Payload 41
  • 3.1 Protections Provided by ESP 41
  • 3.2 Security Associations and the Security Parameters Index 42
  • 3.3 ESP Header Format 43
  • 3.4 ESP Header Location and Modes 45
  • 3.5 Nested and Adjacent Headers 46
  • 3.6 ESP Header Processing for Outbound Messages 48
  • 3.7 ESP Header Processing for Inbound Messages 49
  • 3.8 Complications 52
  • 3.9 Criticisms and Counterclaims 52
  • 3.10 Threat Mitigation 54
  • 3.11 Why Two Security Headers? 55
  • 3.12 Summary 56
  • 3.13 Further Reading 56
  • References 57
  • 4 The Third Puzzle Piece: The Cryptographic Algorithms 59
  • 4.1 Underlying Principles 60
  • 4.2 Authentication Algorithms 62
  • 4.3 The ESP Header Encryption Algorithms 68
  • 4.4 Complications 78
  • 4.5 Public Key Cryptography 79
  • 4.6 Conclusion 82
  • 4.7 Further Reading 82
  • 5.14 Lifetimes 101
  • 5.15 Vendor IDs 101
  • 5.16 The Phase 1 Negotiation 101
  • 5.17 The Phase 2 Negotiation 112
  • 5.18 New Group Mode 117
  • 5.19 Informational Exchanges 118
  • 5.20 The ISAKMP Header 119
  • 5.21 The Generic Payload Header 120
  • 5.22 The IKE State Machine 121
  • 5.23 The Origins of IKE 122
  • 5.24 An Example 122
  • 5.25 Criticisms and Counterclaims 123
  • 5.26 Threat Mitigation 125
  • 5.27 Summary 125
  • 5.28 Further Reading 126
  • References 127
  • 6 The Fifth Puzzle Piece: IKE and the Road Warrior 129