ABSTRACT

Demonstration of Quality of Security Service Awareness for IPsec   [open pdf - 950KB]

Quality of Security Service (QoSS) refers to the ability to provide security services according to user and system preferences, policies and conditions. Thus, security can be managed as a responsive "service" for which quantitative measurement of service "efficiency" is possible. This document presents a demonstration on how a specific underlying security mechanism, IPsec, can be modulated to provide different levels for security in response to changing QoSS requirements. Section 1 provides a demonstration of QoSS awareness for IPsec. Section 2 provides some Psec background and describes how QoSS notions can be linked to this security mechanism. Section 3 gives a brief description of the demo's functionality. Section 4 discusses the IPsec's Security Policy Database and how to put rules into it. Sections 5 and 6 discuss Internet Key Exchange daemon's configuration and policy issues. Section 7 presents the functionality of the QoSS management module. Display of traffic data and of established security parameters is discussed in sections 8 and 9. Section 10 contains a detailed list of demonstration steps and files.

Report Number:
NPS-CS-02-005
Author:
Publisher:
Date:
2002-09
Copyright:
Public Domain
Retrieved From:
Naval Postgraduate School, Dudley Knox Library: http://www.nps.edu/Library/index.aspx
Format:
pdf
Media Type:
application/pdf
URL:
Help with citations