China
Africa
Explore chapters and articles related to this topic
SRv6 Network Evolution
Published in Zhenbin Li, Zhibo Hu, Cheng Li, SRv6 Network Programming, 2021
Zhenbin Li, Zhibo Hu, Cheng Li
IPsec provides a certain level of network security assurance. In addition, the basic SRv6 security solution with ACL policies configured and the HMAC check-based enhanced security solution enhance SRv6 domain security by ensuring that the communication source in the SRv6 domain is trustworthy and packets are not tampered with. These two solutions mitigate network security issues, such as eavesdropping, packet tampering, identity spoofing, and DoS/DDoS, providing us with assurance for SRv6 deployment. For more information, please refer to the related document.[2]
The Switch/Router
Published in James Aweya, Switch/Router Architectures, 2019
IPSec can operate either in a tunnel mode or transport mode (Figure 1.18). In the tunnel mode, IPSec encrypts and authenticates the entire IP packet to be transported. IPSec encapsulates the resulting packet into a new IP packet with a new IP header. Essentially, IPSec builds a new IPSec tunnel packet with a new IP header. The tunnel mode is typically used to create VPNs between two networks (e.g., between two border routers), host-to-border router communications (e.g., for remote user access to a corporate network), and host-to-host communications.
Security in Industrial Communications
Published in Richard Zurawski, Industrial Communication Technology Handbook, 2017
Internet Protocol Security (IPsec) [42] is the native security extension to the IP v6 implemented on the network layer, which also has been ported to IPv4 commonly used in today’s (automation) IP networks. IPsec offers services for data integrity, replay protection, authentication, and confidentiality natively within the IP layer. It is implemented in the two independent services: the Authentication Header (AH) providing authentication and integrity protection of complete IP packets, and the Encapsulating Security Payload (ESP) offering only encryption and integrity verification of the payload [43,44]. In both services, a cryptography integrity check value (ICV), commonly implemented by an HMAC-SHA, is used for message integrity protection and authentication. For encryption, various algorithms such as 3-DES or AES can be selected. For key exchange, the Internet Key Exchange (IKE) protocol is used, which uses asymmetric algorithms like RSA, ECC, or symmetric algorithms with preshared secret keys, alternatively. All security parameters are maintained in a security association (SA) setup between communication partners. Most important for automation networks is the fact that IPsec can operate in two modes: transport mode, which adds security headers (and trailers in ESP) to protect a single packet, and tunnel mode, which, on the other hand, allows securely interconnecting two networks. In this mode, the original IP packets are transmitted as payload of a new security IP packet between two networks. The big overall advantage of IPsec is that its security services are independent from applications and transparent for all traffic. This fact can tremendously ease the security management in multiapplication environments. Additionally, in contrast to layer 2 security services, IPsec is also transparent beyond network borders and avoids possible vulnerabilities caused by a break of end-to-end security at network borders.
Design and implementation of an extensive-process method for improving the processing efficiency and capacity of the production logistics system
Published in Journal of the Chinese Institute of Engineers, 2023
Heng Ding, Yude Dong, Zhonghang Yuan, Jinbiao Wang, Yuanchang Chen, Zhihao Huang, Haoyu Gao, Suyun Huang
•IP security (IPSec) is a set of protocols that support the secure exchange of data packets on the IP layer. It supports two security encryption modes. One of these is a transport mode in which only the data portion of each packet is encrypted while leaving the header unchanged. The secure tunnel model encrypts both the header and data portion. Here, the latter is adopted, which is more secure. The data request sent from the web layer will be transmitted to the application layer, the application layer will send instructions to the database layer, and the data obtained from the database layer will be fed back to the web layer and finally displayed to the user. IPSec provides a guarantee for safe and effective data transmission between the three layers in the figure of this section.
A Review on Evolution of Symmetric Key Block Ciphers and Their Applications
Published in IETE Journal of Education, 2020
In general, to secure network communication, Secure Socket Layer (SSL) and Transport Layer Security (TLS) [10] are used. The Internet Protocol Security (IPSec) protocol [5] uses standard cryptographic algorithms and it is standard way for secure data exchange at the network level. Mostly TCP/IP-based protocols [7,9] widely use TLS/SSL cryptographic security protocols implemented on OpenSSL library that includes “email (SMTPS/POP3), HTTPS, instant messaging (XMPP), FTPS, VoIP, and VPN” etc. SSL/TLS protocols allow the connection between two media (client–server) to be encrypted and it makes sure that no third party is able to read or modify the data.