Abstract
Information security is a constant concern for Internet data. One security solution is IPSec, which is a set of protocols that provides both data confidentiality and authenticity. Another concern is the last-mile bandwidth limitation on many Internet connections. This problem can be mitigated by bandwidth conservation techniques such as Application Layer and Stealth Multicast (SMC). Combining IPSec and multicast techniques would be ideal, but is not possible due to the nature of encrypted data and the requirements of multicast messages. We present the concept of a Trusted Security Device (TSD), which provides efficient bandwidth usage while maintaining the security levels offered by IPSec. A TSD cooperates with clients and servers while implementing SMC technology. Minor modifications to clients and servers are necessary to enable discovery, key exchange, and communication between clients, servers, and TSDs. TSD technology is applicable to streaming data where confidentiality, authentication, and bandwidth conservation are concerns.
Copyright information
© 2005 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Mano, C.D., Striegel, A. (2005). Trusted Security Devices for Bandwidth Conservation in IPSec Environments. In: Boutaba, R., Almeroth, K., Puigjaner, R., Shen, S., Black, J.P. (eds) NETWORKING 2005. Networking Technologies, Services, and Protocols; Performance of Computer and Communication Networks; Mobile and Wireless Communications Systems. NETWORKING 2005. Lecture Notes in Computer Science, vol 3462. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11422778_14
DOI: https://doi.org/10.1007/11422778_14
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-25809-4
Online ISBN: 978-3-540-32017-3
eBook Packages: Computer Science (R0)