摘要
IPSec提供一种对用户透明的IP层安全服务 ,包括机密性、完整性、可认证性和数据重放保护。IPSec可用于保护主机间、安全网关间或安全网关—主机间的一条或多条路径的安全通信。文章对IPSec的结构与组成 ,IPSec在OPENBSD下的实现进行了较为详细的研究 ;并对系统的利弊进行了评价。
IPSec offers a kind of secure service that is transparent to user and includes confidentiality, integrity, authenticity and replay protection. IPSec can be used to protect communication between two hosts or safe gateways or host and gateway. This paper studies the structure of IPSec and its constitute and the realization of IPSec in OpenBSD system at large. The advantages and disadvantages of this system are evaluated,too.
出处
《计算机应用》
CSCD
北大核心
2002年第7期4-7,共4页
journal of Computer Applications
关键词
虚拟专用网
IP安全协议
封闭安全负载
安全关联
INTERNET密钥交换
安全策略数据库
认证
Virtual Private Networks(VPN)
IP Security protocol(IPSec)
Encapsulating Security Payload (ESP)
Security Association(SA)
Internet Key Exchange(IKE)
Security Policy Database(SPD)
Certification Authority (CA)
