计算机网络安全双语Chapter 6 IPSec简化版.ppt

专题
虚拟专用网VPN
PKI
PGP
Chapter 6 IP Security
TCP/IP Example
Host—Router
Router—Router
Host--Host
Application
TCP
IP
link
TCP
data
data
TCP
data
IP
帧头
TCP
data
IP
tail
A
TCP
IP
link
IPSec的应用
IPSec之所以能用于不同的应用领域,主要是因为它能够加密认证IP层所有的数据流
远程登录
C/S系统
电子邮件
文件传输
Web访问
IP Security Scenario
End users
Partners
Branch offices
Outline
IP Security Overview
IP Security Architecture
Authentication Header
Encapsulating Security binations of Security Associations
IP Security Overview
ab. IPSec
RFC1636 ( Architecture Board),1994
IPSec is not a single protocol.
a set of security algorithms
a general framework that allows a pair municating entities municate in security.
provides
Authentication\confidentiality\key management
IPSec Documents Overview
IETF IP security Protocol
Working group definition
ESP: encapsulation security payload
AH: Authentication header
DOI: Domain of
interpretation
IPSec Services
Access Control
Connectionless integrity
Data origin authentication
Confidentiality (encryption)
Limited traffic flow confidentiallity
Rejection of replayed packets