Title :
Design and Implementation of Distributed Firewall System for IPv6
Author :
Lai, Yingxu ; Jiang, Guangzhi ; Li, Jian ; Yang, Zhen
Author_Institution :
Dept. of Inf. Security, Beijing Univ. of Technol., Beijing
Abstract :
The deployment of the IPv6 network becomes to be realized as the necessity of the IPv6 network is enlarged due to the limit of the IPv4 network. However, the security policy about the IPv6 network is not mature and it becomes an obstacle in the IPv6 network deployment. Attackers can detour the access control of packet filtering system, unless packet filtering system can decrypt IPSec packet. This paper introduces the implementation of Distributed Firewall System (DFS) that can be applicable to the IPv6 network and has capabilities of processing encrypted IPSec packet. The prototype introduced in this paper has been implemented in order to be applied to the IPv6 network preferentially. Although it has a limit to forward performance, the prototype can give the basic concepts toward the IPv6-based DFS equipment.
Keywords :
Internet; authorisation; transport protocols; IPv6; access control; distributed firewall system; packet filtering system; security policy; Authentication; Cryptography; Data security; Electrostatic precipitators; Filtering; Information security; Internet; Protection; Prototypes; Telecommunication traffic; IPSec; IPv6; attack; firewall;
Conference_Titel :
Communication Software and Networks, 2009. ICCSN '09. International Conference on
Conference_Location :
Macau
Print_ISBN :
978-0-7695-3522-7
DOI :
10.1109/ICCSN.2009.121
