摘要
首先介绍了IPSec协议的两种工作模式以及这些模式下IP包的变化,继而阐述了密钥交换协议的功能与操作过程。在对加密算法与IP报文加密了解的基础上,详细说明了认证头与封装安全载荷对外出和进入数据包的处理方式以及检查完整性检查值的整个过程,分析了IPSec在安全网关中的一些最新技术运用。最后提供了一种基于虚拟专用网技术的安全网关实现方式。
This paper firstly introduces two work modes of IPSec protocol and the IP packets change under these modes,then expatiates the functions of IKE and the operating process.After the understanding of encryption algorithm and packet encrypting,we explain how AH and ESP dispose ingoing and outgoing packets,including the basic introduction of checking ICV.Based on all of those material we analyse recent skill in security gateway,and offer a way to realize a security gateway model based on VPN.
出处
《太原理工大学学报》
CAS
北大核心
2006年第S1期122-125,共4页
Journal of Taiyuan University of Technology
关键词
IPSEC协议
虚拟专用网
封装安全载荷
IPSec protocol
virtual private network(VPN)
encapsulating security payload(ESP)