Quality of Security Service (QoSS) refers to the ability to provide security services according to user and system preferences, policies and conditions. Thus, security can be managed as a responsive "service" for which quantitative measurement of service "efficiency" is possible. This document presents a demonstration on how a specific underlying security mechanism, IPsec, can be modulated to provide different levels for security in response to changing QoSS requirements. Section 1 provides a demonstration of QoSS awareness for IPsec. Section 2 provides some Psec background and describes how QoSS notions can be linked to this security mechanism. Section 3 gives a brief description of the demo's functionality. Section 4 discusses the IPsec's Security Policy Database and how to put rules into it. Sections 5 and 6 discuss Internet Key Exchange daemon's configuration and policy issues. Section 7 presents the functionality of the QoSS management module. Display of traffic data and of established security parameters is discussed in sections 8 and 9. Section 10 contains a detailed list of demonstration steps and files.
Naval Postgraduate School, Dudley Knox Library: http://www.nps.edu/Library/index.aspx