This paper discusses some decisive factors and basic combinations of security policy and security association , proposes an architecture for security policy system , describes approaches for defining and representing security policy and security association , presents the integration of the linux ip processing with the outbound and inbound policy through the linux netfilter . proposes the use of radix tree for organizing the security policy database , the use of hash table for organizing the security association database , and the use of the pf _ key protocol for the interface between applications and these two databases , specifies how to use the security policy system to provide security policy services . at last , this paper comments on policy correctness , correlation , reconciliation and conflict detection , and advises further work on security policy language , gateway discovery and policy protocol 本文论述了安全策略和安全关联的一些决定因素及其组合方式;阐明了安全策略系统的体系结构以及安全策略和安全关联的定义和表示方法;提出了使用linux下的netfilter机制将ipsec的进入和外出策略处理与linux自身的ip层处理紧密结合,使用radix树型结构来实现安全策略库,使用哈希表来实现安全关联库,使用pfkey协议宋实现安全策略库和安全关联库与应用程序的接口;给出了如何通过安全策略系统为ipsec提供安全策略服务。
Ipsec protocol , security architecture of ip protocol , is the security extension of ip protocol of network layer . joined by security association negotiation encryption of datagram authentication and access control basing host - oriented and otherwise security measure , it can provide security protection for the upper protocol and application Ipsec协议,即ip协议层的安全体系结构,是对网络层的ip协议进行安全扩展,加入安全关联协商、数据报的加密、认证和面向主机的访问控制等安全措施,为上层的协议和应用程序提供internet上一致的安全保护。
This paper has introduced the principle of isakmp , a protocol used in dynamical key exchange , and has accounted for the theory of ipc ( inter - process communication ) and a kind of new socket type pf _ key , as well as their messaging activity and related operations . the paper has mainly analyzed the procedure of building messages in kernel and its communication with application , the methods of managing messages and sadb . finally , it has presented a design of ipc ( inter - process communication ) between kernel and application according to pf _ key protocol , which makes various users communicate with each other on different channels created dynamically 本文简要介绍了在ipsec中实现动态密钥交换使用的通用框架协议? ? isakmp的基本原理;详细阐述了进程间通信机制和pfkey协议的基本原理、消息行为及相关操作;着重分析了系统内核消息构造及其与应用层通信的过程和系统内核处理消息、管理安全关联数据库( sadb )的方法;最终提出了利用pfkey套接口协议在系统内核与应用层之间进行通信,为不同的用户对动态地建立不同的安全通道的设计方案。
It analyses in details the interplay of all the components , the essential concepts such as security association , security association database and security policy database , the process of the package handling , the two security protocol encapsulating security payload and authentication header it concerns not only the regulations of the protocols themselves but also the implementation schemes 对于ipsec各个组件之间的交互关系、涉及的重要概念(安全关联、安全关联数据库和安全策略数据库) 、数据包处理过程、两个安全协议(封装安全载荷和认证头)的协议本身规范和一般实现方法都进行了较为详细的讨论。
Attempting to use eapol in a shared medium environment that does not support the use of secure associations renders port - based network access control highly vulnerable to attack ; for example , station a can mount a successful denial - of - service attack on station b simply by issuing an eapol - logoff packet using station b s individual mac address . " see ieee 802 . 1x specifications , page 21 , section 7 . 9 , lines 34 - 39 , available to link to in the 在不支持使用安全关联的共享媒体环境中进行使用eapol的尝试会导致基于端口的网络访问控制极易受到攻击;例如,工作站a只要发出一个使用工作站b的个体mac地址的eapol - logoff包,就能够在工作站b上挂装一个成功的拒绝服务攻击。 ”
Finally , it examines some security issues , such as authentication of security association ( sa ) , protection of identity , use of certificate and support for nomadic user , on the ike protocol . it gives the new amendment on the authentication of security association . further more , it also gives two new improvement suggests that are proved by the secure evaluation for the ike protocol resistant to the two denial - of - service ( dos ) attacks 一方面是在已有的ike协议形式化分析成果的基础之上对其安全特性的有效性进行了研究,指出了ike协议中存在的诸如身份保护、证书使用、对无固定ip地址用户的支持以及安全关联载荷认证等问题,并对ike协议存在的安全关联载荷认证缺陷提出了新的修改方案;另一方面提出了ike协议基于抵御拒绝服务( denialofservice , dos )攻击的改进方案,并对改进方案的安全性进行了评估。
