Skip to main content
USENIX
  • Conferences
  • Students
Sign in

connect with us


  •  Twitter
  •  Facebook
  •  LinkedIn
  •  Google+
  •  YouTube

twitter

Tweets by @usenix

usenix conference policies

  • Event Code of Conduct
  • Conference Network Policy
  • Statement on Environmental Responsibility Policy

You are here

Home ยป A Multi-Layer IPSEC Protocol
Tweet

connect with us

A Multi-Layer IPSEC Protocol

Abstract: 

IPsec is a suite of standard protocols that provides security services for Internet communications. It protects the entire IP datagram in an "end-to-end" fashion; no intermediate network node in the public Internet can access or modify any information above the IP layer in an IPsec-protected packet. However, recent advances in internet technology introduce a rich new set of services and applications, like traffic engineering, TCP performance enhancements, or transparent proxying and caching, all of which require intermediate network nodes to access a certain part of an IP datagram, usually the upper layer protocol information, to perform flow classification, constraint-based routing, or other customized processing. This is in direct conflict with the IPsec mechanisms. In this research, we propose a multi-layer security protection scheme for IPsec, which uses a finer-grain access control to allow trusted intermediate routers to read and write selected portions of IP datagrams (usually the headers) in a secure and controlled manner.

Yongguang Zhang, HRL Laboratories, LLC

Bikramjit Singh, HRL Laboratories, LLC

BibTeX
@inproceedings {271265,
author = {Yongguang Zhang and Bikramjit Singh},
title = {A {Multi-Layer} {IPSEC} Protocol},
booktitle = {9th USENIX Security Symposium (USENIX Security 00)},
year = {2000},
address = {Denver, CO},
url = {https://www.usenix.org/conference/9th-usenix-security-symposium/multi-layer-ipsec-protocol},
publisher = {USENIX Association},
month = aug,
}
Download

Links

Paper: 
http://www.usenix.org/events/sec2000/full_papers/zhangipsec/zhangipsec.pdf
Paper (HTML): 
http://www.usenix.org/events/sec2000/full_papers/zhangipsec/zhangipsec_html/index.html
  • Log in or    Register to post comments

© USENIX

  • Privacy Policy
  • Contact Us