ike internet key exchange 中文意思是什麼
ike internet key exchange
解釋
因特網密鑰交換協議-
After the briefly present the origin and features of internet protocol version 6 ( ipv6 ), the paper detailedly introduced the conception, characters, security technologies of vpn, and main tunnel protocols used to implement and deploy vpns. after analyzing and comparing these technologies of realizing vpns, we choosed ipsec. then, the paper analyzed in the ipsec structure, function, work mode, and its components such as authentication header ( ah ), encapsulating security payload ( esp ), internet key exchange ( ike ), encryption and authentication algorithms, security association, security policy, and how they cooperate with each other in order to secure ip packages
在簡要介紹ipv6協議的由來和優點之後,詳細闡述了虛擬專用網的概念、特點、安全技術及實現的關鍵隧道協議,通過對實現技術的分析比較,選用了安全性強大的ipsec隧道技術,接著深入研究了ipv6安全協議ipsec的體系結構、操作模式,詳細論述了ipsec協議簇的各個組成部分,如認證報頭ah協議、封裝安全載荷esp協議、密鑰管理ike協議、加密認證演算法、安全聯盟和安全策略等,以及這些組件之間如何協作,來共同實現對網路層ip數據包的安全保護。 -
Ike ( internet key exchange ) is the protocol which performs mutual authentication and establishes security associations ( sas ) for ipsec ( ip security ). it is a very important component of the ipsec protocol suite
因特網密鑰交換( internetkeyexchangeike )協議是ipsec ( ipsecurity )協議簇的重要組成部分,負責動態協商和管理安全聯盟。 -
It includes chip selection, schematic circuit design, cpu selection and configuration, startup of the system, selection and configuration of embedded operation system, selection and configuration of tcp / ip software. it also describes some driver programming techniques of network controller. part 3 ( chapter 5 and 6 ) briefly introduces encryption technology and the ipsec protocol system, including architecture, mode, security association, security policy, implementation mode, processing of in / out packet, esp ( encapsulation security payload ), ah ( authentication header ), ike ( internet key exchange ) etc. the security requirements of embedded - networking is also analyzed
本文首先探討了嵌入式網路的原理和設計要求,接著介紹了本文所開發的嵌入式系統的硬體平臺的設計(包括處理器的選擇與配置、存儲器的選擇和io設備的選用等) ,系統的啟動(包括bios和dos的啟動以及嵌入式操作系統vrtx的配置和引導) ,網路及其安全服務的實現(包括嵌入式協議棧usnet的選取、底層驅動程序的設計和安全協議ipsec的分析與實施) 。 -
The ability of keeping the ip packet ' s integrity, secrecy, authentication, data origination, anti - relay is discussed. the relationship of ipsec component authentication header ( ah ), encapsulating security payload ( esp ) and ike ( internet key exchange ) is also talked about. this discussion of ipsec makes the impression that ipsec make ip layer security enough
論述了ipsec在ip報文的完整性、機密性、數據來源認證和抗重播等方面的能力, ipsec的基本協議? ?認證報文頭( ah )和安全封裝載荷報頭( esp )與ipsec安全體系的其它組成部分如安全策略、加密和認證演算法、密鑰管理等如何合作,共同完成對ip報文的安全保護。 -
( 2 ) research on ipsec architecture the goal, function and construction of ipsec design ; the analysis on the two security protocols of ipsec ? ah and esp including security function, packet format, application mode and processing operations of each ; mainly of the security association ( sa ) and its two modes : transport and tunnel, the instrument on organizing and managing sas security association database ( sad ), and that on managing security policies ? ? security policy database ( spd ) ; specific descriptions on internet key exchange ( ike )
( 2 ) ipsec協議體系的研究給出了ipsec的設計目的、作用和組成;分析了ipsec的兩種安全協議? ? ah和esp ,包括每種協議的安全功能、包格式、應用模式以及對數據包的處理過程;重點研究了安全聯盟( sa )以及兩種模式:傳輸模式和隧道模式,組織和管理sa的手段? ?安全聯盟數據庫( sad ) ,以及安全策略的管理手段? ?安全策略數據庫( spd ) ;最後,對internet密鑰交換( ike )進行了詳細介紹。 -
The current internet key exchange protocol ike is too complicated to effectively prevent dos attack and has too much rounds, which will influence the performance and interoperability and cause a lot of security hole at the same time
目前ipsec的密鑰交換協議ike過于復雜,不能有效的防止dos攻擊,協議輪數太多,這些都嚴重影響了協議的性能和互操作性,同時導致了許多安全漏洞。 -
Ike internet key exchange
因特網密鑰交換協議 -
The operating process of network cipher computer and kdmc are discoursed firstly, then the tcp / ip stack of linux is introduced, and an ipsec realization method with using a cipher card is put forward. triplex key system is adopted for internet key exchange ( ike ). the database and other modules are also designed and implemented
論文論述了網路密碼機和密鑰管理中心的工作流程,接著介紹了linux下tcp / ip內核協議棧,提出了加密卡方案,採用了三重密鑰管理體系實現了internet密鑰自動交換,進行了中心數據庫設計與實現,最後對其它模塊進行了實現。 -
Ike : internet key exchange
因特網密鑰交換協議 -
It pays a great attention to the internet security association and key management protocol ( isakmp ) and the internet key exchange ( ike ) based on isakmp, because the key management is always the most consequential part of any security systems
然後針對在安全系統中至關重要的密鑰管理進行了重點分析,這其中包括了internet安全關聯密鑰管理協議,以及以它為框架在ipsec中實現的internet密鑰交換協議,並且簡單說明了在上述密鑰管理協議中密鑰信息的生成公式。 -
At first, this thesis describes the secure characteristics and mechanisms on the internet protocol security ( ip sec ), also introduces the internet security association and key management protocol ( isakmp ) specified in rfc 2408 and the internet key exchange ( ike ) protocol specified in rfc 2409 for ip sec. secondly, it thoroughly analyzes the validities of the secure characteristics of the ike protocol based on the former formal analysis
本文首先論述了ipsec ( internetprotocolsecurity )安全特性和安全服務機制、支持ipsec的密鑰管理協議isakmp ( internetsecurityassociationandkeymanagementprotocol )以及ike ( internetkeyexchange )協議,然後,從兩個方面對ike協議進行了全面的研究。
分享友人