| The paper mainly researches on how to implement IPSEC security protocols桝H and ESP on LINUX.as well as compression function of datagrams.FirstJPSEC protocol is introduced.lt is developed for the requirements of network security in IP layer.With the techniques of encryption and authentication of applied cryptography.IPSEC provides a set of security services for IP packets.These services includes encryption,data integrity.data origin authentication.protection against replays and limited traffic tlow confidentiality.The implementation of IPSEC can be divided into two parts.One part is integrated into network protocol stack on LINUX.and utilized IPSEC to deal with inbound/outbound packets.This part includes security protocols of AH and ESP.SA database and security policy database,the algorithms of encryption and authenticatiorudata compression added newly.Another part is necessary for the working of security protocols,namely, established SAs for security protocols via negotiation.This part includes IKE protocol and others protocols related to the implement of IKE protocol.Then,discussed one by one the research focuses of the paper at length.namely,that part of IPSEC which is integrated into network protocol stack on LINUX.These focuses are titled separately with the module of IPSEC security protocols, of data compression.of policy management.and the interface of policy management.the implement of IPSEC is composed of them. Secure of datagram is implemented directly by IPSEC protocol.and disadvantage of IPSEC is eliminated through data compression.Communications among IKE protocol and policy-management module and Secure protocol module are implemented by PF_KEY socket.Policy-management is the basement of implementation of IPSEC protocol.Based on Profounded comprehension of implementation of IPSEC protocol.data compression function is designed elaborately.lt is debugged repeatedly.so it's correctness can be deduced. |
PDF Full Text Request