| Record ID | marc_nuls/NULS_PHC_180925.mrc:76607339:5279 |
| Source | marc_nuls |
| Download Link | /show-records/marc_nuls/NULS_PHC_180925.mrc:76607339:5279?format=raw |
LEADER: 05279pam 22003014a 4500
001 9922208320001661
005 20150423142800.0
008 010116s2001 maua b 001 0 eng
010 $a 2001018807
020 $a1580530796 (alk. paper)
035 $a(CSdNU)u97306-01national_inst
035 $a(Sirsi) l2001018807
035 $a(Sirsi) l2001018807
035 $a(Sirsi) 01-AAM-2036
035 $a 2001018807
040 $aDLC$cDLC$dDLC$dOrPss
042 $apcc
050 00 $aTK 5105.567$bF73 2001
100 1 $aFrankel, Sheila.
245 10 $aDemystifying the IPsec puzzle /$cSheila Frankel.
260 $aBoston, MA :$bArtech House,$c2001.
300 $a273 p. :$bill. ;$c24 cm.
440 0 $aArtech House computer security series
504 $aIncludes bibliographical references and index.
505 0 $aThe TCP/IP Protocol Stack -- IP Packets -- IP Packetization and Fragmentation -- Introducing IPsec -- The First Puzzle Piece: The Authentication Header -- Protections Provided by AH -- Security Associations and the Security Parameters Index -- AH Format -- AH Location -- AH Modes -- Nested Headers -- Implementing IPsec Header Processing -- AH Processing for Outbound Messages -- AH Processing for Inbound Messages -- Complications -- Auditing -- Threat Mitigation -- The Second Puzzle Piece: The Encapsulating Security Payload -- Protections Provided by ESP -- Security Associations and the Security Parameters Index -- ESP Header Format -- ESP Header Location and Modes -- Nested and Adjacent Headers -- ESP Header Processing for Outbound Messages -- ESP Header Processing for Inbound Messages -- Complications -- Criticisms and Counterclaims -- Threat Mitigation -- Why Two Security Headers? -- The Third Puzzle Piece: The Cryptographic Algorithms -- Underlying Principles -- Authentication Algorithms -- The MD5 Algorithm -- The SHA-1 Algorithm -- The HMAC Algorithm -- Other Authentication Algorithms -- The ESP Header Encryption Algorithms -- The DES Algorithm -- The Triple DES Algorithm -- Other Encryption Algorithms -- The AES Algorithm -- Complications -- Public Key Cryptography -- Digital Signatures -- Other Public Key Operations -- The Diffie-Hellman Exchange -- The Fourth Puzzle Piece: The Internet Key Exchange (IKE) -- The IKE Two-Step Dance -- Payloads and Exchanges -- Authentication Methods -- Proposals and Counterproposals -- Cookies -- The Security Association Payload -- The Proposal Payload -- The Message ID -- Nonces -- Identities and Identity Protection -- Certificates and Certificate Requests -- Keys and Diffie-Hellman Exchanges -- Notifications -- Lifetimes -- Vendor IDs -- The Phase 1 Negotiation -- Main Mode -- Aggressive Mode -- Base Mode -- The Phase 2 Negotiation -- Quick Mode -- The Commit Bit -- New Group Mode -- Informational Exchanges -- The ISAKMP Header -- The Generic Payload Header -- The IKE State Machine -- The Origins of IKE -- An Example -- Criticisms and Counterclaims -- Threat Mitigation -- The Fifth Puzzle Piece: IKE and the Road Warrior -- Legacy Authentication Methods -- ISAKMP Configuration Method -- Extended Authentication -- Hybrid Authentication -- Challenge-Response for Authenticated Cryptographic Keys -- User-Level Authentication -- Credential-Based Approaches -- Complications -- Threat Mitigation -- The Sixth Puzzle Piece: IKE Frills and Add-Ons -- Renegotiation -- Heartbeats -- Initial Contact -- Dangling SAs -- The Glue: PF_KEY -- The PF_KEY Messages -- A Sample PF_KEY Exchange -- Composition of PF_KEY Messages -- Complications -- The Missing Puzzle Piece: Policy Setting and Enforcement -- The Security Policy Database -- The Policy Problem -- Policy Configuration -- Policy Servers -- Gateway Discovery -- Policy Discovery -- Policy Exchange -- Policy Resolution -- Policy Decorrelation -- Policy Compliance Checking -- Revisiting the Road Warrior -- IPsec Policy Solutions -- The IPsec Configuration Policy Model -- The IPsec Policy Information Base -- The Security Policy Protocol -- The Security Policy Specification Language -- The KeyNote Trust Management System -- An Overall Plan -- The Framework: Public Key Infrastructure (PKI) -- PKI Functional Components -- The PKI World View -- The Life Cycle of a Certificate -- PKI Protocol-Related Components -- Certificates and CRLs -- Certificate Formats -- Certificate Contents -- IKE and IPsec Considerations -- The Unsolved Puzzle: Secure IP Multicast -- Some Examples -- Multicast Logistics -- Functional Requirements -- Security Requirements -- Key Management -- Secrecy -- Data Integrity -- Source Authentication -- Order of Cryptographic Operations -- Membership Management -- Access-Related Issues -- Policy Determination -- Anonymity -- Nonrepudiation -- Service Availability -- Firewall Traversal -- Piracy -- Whither IP Multicast Security? -- The Whole Puzzle: Is IPsec the Correct Solution? -- Advantages of IPsec -- Disadvantages of IPsec -- Alternatives to IPsec -- Transport Layer Security Protocol -- Layer 2 Tunneling Protocol -- Point-to-Point Tunneling Protocol -- IPsec Today -- The Future of IPsec.
650 0 $aIPSec (Computer network protocol)
948 $a09/05/2001$b10/09/2001
999 $aTK 5105.567 F73 2001$wLC$c1$i31786101456603$d4/15/2004$f4/15/2004$g1 $lCIRCSTACKS$mNULS$rY$sY$tBOOK$u10/9/2001