Free Delivery Over $100
|
|
|||
|
||||
OverviewNow that the Internet has blossomed into the Information Superhighway with its traffic and drivers becoming increasingly diverse, security has emerged as a primary concern. This book offers the reader a global, integrated approach to providing internet security at the network layer. The author gives a detailed presentation of the revolutionary IPsec technology used today to create Virtual Private Networks and, in the near future, to protect the infrastructure of the Internet itself. The book addresses IPsec's major aspects and components to help the reader evaluate and compare features of different implementations. It provides a detailed understanding of this cutting-edge technology from the inside, which enables the reader to more effectively troubleshoot problems with specific products. Based on standards documents, discussion list archives, and practitioners' lore, this resource collects all the current knowledge of IPsec and describes it in a literate, clear manner. Full Product DetailsAuthor: Shiela FrankelPublisher: Artech House Publishers Imprint: Artech House Publishers Dimensions: Width: 15.60cm , Height: 1.70cm , Length: 23.40cm Weight: 0.592kg ISBN: 9781580530798ISBN 10: 1580530796 Pages: 296 Publication Date: 31 March 2001 Audience: Professional and scholarly , Professional & Vocational Format: Hardback Publisher's Status: Active Availability: Out of print, replaced by POD  We will order this item for you from a manufatured on demand supplier. Table of ContentsPreface. Introduction. - The TCP/IP Protocol Stack. Introducing IPsec. Summary. Further Reading. The First Puzzle Piece: The Authentication Header - Protection Provided by AH. Security Associations and the Security Parameters Index. AH Format. AH Location. AH Modes. Nested Headers. Implementing IPsec Header Processing. AH Processing for Outbound Messages. AH Processing for Inbound Messages. Complications. Auditing. Threat Mitigation. Summary. Further Reading. The Second Puzzle Piece: The Encapsulating Security Payload - Protections Provided by ESP. Security Associations and the Security Parameters Index. ESP Header Format. ESP Header Location and Modes. Nested and Adjacent Headers. ESP Header Processing for Outbound Messages. ESP Header for Inbound Messages. Complications Criticisms and Counterclaims.Threat Mitigation. Why Two Security Headers? Summary. Further Reading. The Third Puzzle Piece: The Cryptographic Algorithms - Underlying Principles. Authentication Algorithms. The ESP Header Encryption Algorithms. Complications. Public Key Cryptography. Conclusion. Further Reading. The Fourth Puzzle Piece: The Internet Key Exchange (IKE) - The IKE Two-Step Dance. Payloads and Exchanges. Authentication Methods. Proposals and Counterproposals. Cookies. The Security Association Payload. The Proposal Payload. The Message ID. Nonces. Identities and Identity Protection. Certificates and Certificate Requests.Keys and Diffie-Hellman Exchanges. Notifications. Lifetimes. Vendor IDs. The Phase 1 Negotiation. The Phase 2 Negotiation. New Group Mode. Informational Exchanges. The ISAKMP Header. The Generic Payload Header. The IKE State Machine. The Origins of IDE. An Example. Criticisms and Counterclaims. Threat Mitigation. Summary. Further Reading. The Fifth Puzzle Piece: IKE and the Road Warrior - Legacy Authentication Methods. ISAKMP Configuration Method. Extended Authentication. Hybrid Authentication. Challenge-Response for Authenticated Cryptographic Keys. User-Level Authentication. Credential-Based Approaches. Complications. Threat Mitigation. Summary. Further Reading. The Sixth Puzzle Piece: IKE Frills and Add-Ons - Renegotiation. Heartbeats. Initial Contact. Dangling SAs. Summary. Further Reading. The Glue: PF_Key -The PF_Key Messages. A Sample PF_Key Exchange. Composition of PF Key Messages. Complications. Summary. Further Reading. The Missing Puzzle Piece: Policy Setting and Enforcement - The Security Policy Database. The Policy Problem. Revisiting the Road Warrior. IPsec Policy Solutions. Summary. Further Reading. The Framework: Public Key Infrastructure (PKI) - PKI Functional Components. The PKI World View. The Life Cycle of a Certificate. PKI Protocol-Related Components. Certificates and CRTs. Certificate Formats. Certificate Contents. IKE and Ipsec Considerations. Summary Further Reading. The Unsolved Puzzle: Secure IP Multicast - Some Examples. Multicast Logistics. Functional Requirements. Security Management. Whither IP Multicast Security? Summary. Further Reading. The Whole Puzzle: Is IPsec the Correct Solution? - Advantages of IPsec. Disadvantages of IPsec. Alternatives to IPsec. IPsec Today. The Future of IPsec. Summary. Further Reading. List of Acronyms and Abbreviations.ReviewsAuthor InformationSheila Frankel is a computer scientist at NIST (National Institute of Standards and Technology). She holds a B.A. in Mathematics from Yeshiva University and a M.S. in computer science from New York University. Tab Content 6Author Website:Countries AvailableAll regions |
||||
