Sciweavers

ESORICS
2000
Springer

Authentication and Confidentiality via IPSEC

14 years 4 months ago
Authentication and Confidentiality via IPSEC
The IP security protocols (IPsec) may be used via security gateways that apply cryptographic operations to provide security services to datagrams, and this mode of use is supported by an increasing number of commercial products. In this paper, we formalize the types of authentication and confidentiality goal that IPsec is capable of achieving, and we provide criteria that entail that a network with particular IPsec processing achieves its security goals. This requires us to formalize the structure of networks using IPsec, and the state of packets relevant to IPsec processing. We can then prove confidentiality goals as invariants of the formalized systems. Authentication goals are formalized in the manner of [9], and a simple proof method using "unwinding sets" is introduced. We end the paper by explaining the network threats that are prevented by correct IPsec processing.
Joshua D. Guttman, Amy L. Herzog, F. Javier Thayer
Added 24 Aug 2010
Updated 24 Aug 2010
Type Conference
Year 2000
Where ESORICS
Authors Joshua D. Guttman, Amy L. Herzog, F. Javier Thayer
Comments (0)