Title :
The design and implementation of IPSec conflict avoiding and recovering system
Author :
Sun, Hung-Min ; Chang, Shih-Ying ; Chen, Yao-Hsin ; He, Bing-Zhe ; Chen, Cheng-Kai
Author_Institution :
Nat. Tsing Hua Univ., Hsinchu
fDate :
Oct. 30 2007-Nov. 2 2007
Abstract :
IPSec has been popularly used in protecting data over IP network; however, how to detect and avoid policy conflicts is a big challenge. Under current architecture, user- space process can directly manipulate security associations database (SADB) or security policies database (SPDB) causing inter-application conflict, lack of access control, lack of conflict avoiding and recovering, and conflict diffusion. Previous proposed algorithms can only detect conflicts afterward instead of preventing them in advance. Therefore we propose a new architecture to avoid conflicts and provide recovery mechanism. Finally, we implement these functionalities and the evaluation of performance shows that this architecture is realistic and practical.
Keywords :
IP networks; security of data; IP network; IPSec; conflict avoiding system; data protection; recovering system; Computer science; Data security; Databases; Electrostatic precipitators; IP networks; Information security; Internet; Kernel; Protection; Virtual private networks;
Conference_Titel :
TENCON 2007 - 2007 IEEE Region 10 Conference
Conference_Location :
Taipei
Print_ISBN :
978-1-4244-1272-3
Electronic_ISBN :
978-1-4244-1272-3
DOI :
10.1109/TENCON.2007.4429003
