Abstract
Performance Enhancing Proxies (PEPs) are used in satellite networks for better performance of the TCP/IP applications. Multi-layer IPSec (ML-IPSec) resolves the conflict between end-to-end security in standard IPSec and operation of PEPs. Previous Ml-IPSec solution has issues of limited application scope and increased complexity to implement and process the ML-IPSec protected data. This paper presents a new dynamic ML-IPSec protocol which addresses these issues. The paper also analyzes the protocol with reference to previous ML-IPSec protocol and presents the experiment performed to analyze the network performance while running IPSec and ML-IPSec.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Zhang, Y.: Member IEEE: “A Multilayer IP Security Protocol for TCP Performance Enhancement in Wireless Networks”. IEEE Journals on Selected Areas in Communicaitons 22(4) (May 2004)
Zhang, Y., Singh, B.: A multi-layer IPsec protocol. In: Proc. Usenix Security Symp., pp. 213–228 (August 2000)
Cruickshank, D.H., Bhutta, M.N.M., Ashworth, J., Moseley, M.: Interworking between Satellite Performance Enhancing Proxies and Multilayer IPSec (ML-IPSec). In: 16th KA and Broadband Communications 2010, Milan, Italy (2010)
Bhutta, M.N.M., Haitham, Ashworth, J., Moseley, M.: Multilayer IPSec (ML-IPSec) Design for Transport and Application Layer Satellite Performance Enhancing Proxies. In: 28th AIAA International Communications Satellite Systems, AIAA/ICSSC, Anaheim, California (2010)
Zhang, Y.: HRL Laboratories Report, Multi-layer Internet Security for Satellite and Wireless Networks (December 1999)
Border, J., et al.: Performance Enhancing Proxies Intended to Mitigate Link-Related Degradations. IETF RFC 3135 (June 2001)
H. Cruickshank. Technical Report on Performance Enhancing Proxies (PEPs) for the European ETSI Broadband Satellite Multimedia (BSM) working group. ETSI Report TR 102 676 (September 2009), http://portal.etsi.org
Gomez, C., et al.: Web browsing optimization over 2.5G and 3G: end-to-end mechanisms vs. usage of performance enhancing proxies. In: Wireless Communications and Mobile Computing, pp. 8:213–230. Wiley InterScience (2008)
Kent, S., Seo, K.: BBN Technologies, “Security Architecture for Internet Protocol”, RFC 4301 (December 2005)
Kent, S.: BBN Technologies, “IP Authentication Header (AH)”, RFC 4302 (December 2005)
Kent, S.: BBN Technologies, “IP Encapsulating Security Payload (ESP)”, RFC 4303 (December 2005)
Kaufman, C.: Microsoft, “Internet Key Exchange (IKEv2) Protocol”, RFC 4306 (December 2005)
Obanaik Secure, V.: performance enhancing proxy: To ensure end-to-end security and enhance TCP performance over IPv6 wireless networks. Elsevier Computer Networks 50, 2225–2238 (2006)
Bellovin, S.: Probable plaintext cryptanalysis of the IPSecurity protocols. In: Proceedings of the Symposium on Network and Distributed System Security (February 1997)
Dierks, T., et al.: The TLS Protocol Version 1.2, RFC 5246 (AugUST 2008)
Sing, J., Soh, B.: A Critical Analysis of Multi-layer IP Security Protocol. In: Third International Conference on Information Technology and Applications, ICITA 2005 (2005)
Annoni, M., Boiero, G., Salis, N., Cruickshank, H.S., Howarth, M.P., Sun, Z.: Interworking between multi-layer IPSEC and Secure multicast services over GEO satellites. Eur. Cooperation in the Field of Sci. Tech.Res., Tech. Rep. COST 272 TD-02–016 (2002)
Annoni, M., Boiero, G., Salis, N.: Security issues in the BRAHMSsyste m. In: Proc. Ist MobileWireless Telecommunications Summit 2002 (June 2002)
Baugher, M., et al.: Multicast Security (MSEC) Group Key Management Architecture, IETF RFC 4046 (April 2005)
Cruickshank, H.: Technical Specifications for satellite networks multicast security architecture and key management for the European ETSI Broadband Satellite Multimedia (BSM) working group. ETSI Specifications. ETSI TS 102 466 (December 2006), http://portal.etsi.org
Wallner, D., et al.: Key Management for Multicast: Issues and Architectures, IETF RFC 2627 (June 1999)
Sirsuresh, P., et al.: Middlebox Communication Architecture and Framework, IETF RFC 3303 (August 2002)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2013 ICST Institute for Computer Science, Social Informatics and Telecommunications Engineering
About this paper
Cite this paper
Bhutta, M.N.M., Cruickshank, H. (2013). A New Dynamic Multilayer IPSec Protocol. In: Pillai, P., Shorey, R., Ferro, E. (eds) Personal Satellite Services. PSATS 2012. Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering, vol 52. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-36787-8_15
Download citation
DOI: https://doi.org/10.1007/978-3-642-36787-8_15
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-36786-1
Online ISBN: 978-3-642-36787-8
eBook Packages: Computer ScienceComputer Science (R0)