Host Identity Protocol (HIP) : Towards the Secure Mobile Internet


Andrei Gurtov
Book English 2008 · Electronic books.
Other title
Published
Hoboken : Wiley, 2008.
Extent
1 online resource (323 p.)
Notes
Description based upon print version of record.

Host Identity Protocol (HIP); Contents; About the Author; Foreword; Foreword; Preface; Acknowledgments; Abbreviations; Part I Introduction; 1 Overview; 1.1 Identifier-locator split; 1.2 HIP in the Internet architecture; 1.3 Brief history of HIP; 1.4 Organization of the book; 2 Introduction to network security; 2.1 Goals of cryptographic protocols; 2.2 Basics and terminology; 2.3 Attack types; 2.3.1 Eavesdropping; 2.3.2 Impersonation; 2.3.3 Man-In-The-Middle attacks; 2.3.4 Delay and replay attacks; 2.3.5 Denial-of-Service attacks; 2.3.6 Exhaustive key space search; 2.3.7 Cryptoanalysis; 2.4 Defense mechanisms; 2.4.1 Symmetric cryptography; 2.4.2 Public-key cryptography; 2.4.3 One-way cryptographic hash functions; 2.4.4 One-time signatures; 2.4.5 Sequence numbers; 2.4.6 Cryptographic nonces; 2.4.7 Client puzzles; 2.5 Security protocols; 2.5.1 Modular exponential Diffie-Hellman groups; 2.5.2 Keying material; 2.5.3 Transforms; 2.5.4 IP security architecture: IPsec; 2.5.5 IPsec modes; 2.5.6 IPsec security protocols; 2.5.7 SIGMA; 2.5.8 Internet Key Exchange: IKE; 2.6 Weak authentication techniques; 2.7 Secure DNS; Part II The Host Identity Protocol; 3 Architectural overview; 3.1 Internet namespaces; 3.2 Methods of identifying a host; 3.3 Overlay Routable Cryptographic Hash Identifiers; 3.3.1 The purpose of an IPv6 prefix; 3.3.2 Generating and routing an ORCHID; 3.3.3 ORCHID properties; 3.4 The role of IPsec; 3.5 Related IETF activities; 4 Base protocol; 4.1 Base exchange; 4.1.1 I1 packet; 4.1.2 R1 packet; 4.1.3 I2 packet; 4.1.4 R2 packet; 4.2 Other HIP control packets; 4.3 IPsec encapsulation; 4.3.1 ESP transforms; 4.3.2 ESP Bound End-to-End Tunnel; 5 Main extensions; 5.1 Mobility and multihoming; 5.1.1 Mobility and multihoming architecture; 5.1.2 Multihoming as extension of mobility; 5.1.3 Effect of ESP anti-replay window; 5.1.4 The LOCATOR parameter; 5.1.5 Locator states; 5.1.6 Credit-based authentication; 5.1.7 Interaction with transport protocols; 5.2 Rendezvous server; 5.2.1 Registering with a rendezvous server; 5.2.2 Rendezvous parameters; 5.3 DNS extensions; 5.3.1 HIP requirements to DNS; 5.3.2 Storing a RVS address; 5.3.3 DNS security; 5.4 Registration protocol; 5.4.1 The process of registration; 5.4.2 Packet formats; 6 Advanced extensions; 6.1 Opportunistic mode; 6.1.1 Initiating opportunistic base exchange; 6.1.2 Implementation using a TCP option; 6.2 Piggybacking transport headers to base exchange; 6.2.1 Piggybacking to I2; 6.2.2 Security concerns; 6.3 HIP service discovery; 6.3.1 Overview of Service Discovery; 6.3.2 On-the-path Service Discovery; 6.3.3 Passive Service Discovery; 6.3.4 Regional Service Discovery; 6.4 Simultaneous multiaccess; 6.4.1 Flow binding extension; 6.4.2 Packet formats; 6.5 Disseminating HITs with a presence service; 6.5.1 HITs in the Presence Information Data Format; 6.5.2 Disseminating protocol; 6.6 Multicast; 6.6.1 Challenges for IP multicast; 6.6.2 Host Identity Specific multicast.

"Within the set of many identifier-locator separation designs for the Internet, HIP has progressed further than anything else we have so far. It is time to see what HIP can do in larger scale in the real world. In order to make that happen, the world needs a HIP book, and now we have it." - Jari Arkko, Internet Area Director, IETF

One of the challenges facing the current Internet architecture is the incorporation of mobile and multi-homed terminals (hosts), and an overall lack of protection against Denial-of-Service attacks and identity spoofing. The Host Identity Protocol (HI
Subjects
Genre
Dewey
ISBN
9780470997901

Libraries that hold this item