ipsec ike 中文意思是什麼
-
After the briefly present the origin and features of internet protocol version 6 ( ipv6 ), the paper detailedly introduced the conception, characters, security technologies of vpn, and main tunnel protocols used to implement and deploy vpns. after analyzing and comparing these technologies of realizing vpns, we choosed ipsec. then, the paper analyzed in the ipsec structure, function, work mode, and its components such as authentication header ( ah ), encapsulating security payload ( esp ), internet key exchange ( ike ), encryption and authentication algorithms, security association, security policy, and how they cooperate with each other in order to secure ip packages
在簡要介紹ipv6協議的由來和優點之後,詳細闡述了虛擬專用網的概念、特點、安全技術及實現的關鍵隧道協議,通過對實現技術的分析比較,選用了安全性強大的ipsec隧道技術,接著深入研究了ipv6安全協議ipsec的體系結構、操作模式,詳細論述了ipsec協議簇的各個組成部分,如認證報頭ah協議、封裝安全載荷esp協議、密鑰管理ike協議、加密認證演算法、安全聯盟和安全策略等,以及這些組件之間如何協作,來共同實現對網路層ip數據包的安全保護。 -
Ike ( internet key exchange ) is the protocol which performs mutual authentication and establishes security associations ( sas ) for ipsec ( ip security ). it is a very important component of the ipsec protocol suite
因特網密鑰交換( internetkeyexchangeike )協議是ipsec ( ipsecurity )協議簇的重要組成部分,負責動態協商和管理安全聯盟。 -
It includes chip selection, schematic circuit design, cpu selection and configuration, startup of the system, selection and configuration of embedded operation system, selection and configuration of tcp / ip software. it also describes some driver programming techniques of network controller. part 3 ( chapter 5 and 6 ) briefly introduces encryption technology and the ipsec protocol system, including architecture, mode, security association, security policy, implementation mode, processing of in / out packet, esp ( encapsulation security payload ), ah ( authentication header ), ike ( internet key exchange ) etc. the security requirements of embedded - networking is also analyzed
本文首先探討了嵌入式網路的原理和設計要求,接著介紹了本文所開發的嵌入式系統的硬體平臺的設計(包括處理器的選擇與配置、存儲器的選擇和io設備的選用等) ,系統的啟動(包括bios和dos的啟動以及嵌入式操作系統vrtx的配置和引導) ,網路及其安全服務的實現(包括嵌入式協議棧usnet的選取、底層驅動程序的設計和安全協議ipsec的分析與實施) 。 -
The ability of keeping the ip packet ' s integrity, secrecy, authentication, data origination, anti - relay is discussed. the relationship of ipsec component authentication header ( ah ), encapsulating security payload ( esp ) and ike ( internet key exchange ) is also talked about. this discussion of ipsec makes the impression that ipsec make ip layer security enough
論述了ipsec在ip報文的完整性、機密性、數據來源認證和抗重播等方面的能力, ipsec的基本協議? ?認證報文頭( ah )和安全封裝載荷報頭( esp )與ipsec安全體系的其它組成部分如安全策略、加密和認證演算法、密鑰管理等如何合作,共同完成對ip報文的安全保護。 -
( 2 ) research on ipsec architecture the goal, function and construction of ipsec design ; the analysis on the two security protocols of ipsec ? ah and esp including security function, packet format, application mode and processing operations of each ; mainly of the security association ( sa ) and its two modes : transport and tunnel, the instrument on organizing and managing sas security association database ( sad ), and that on managing security policies ? ? security policy database ( spd ) ; specific descriptions on internet key exchange ( ike )
( 2 ) ipsec協議體系的研究給出了ipsec的設計目的、作用和組成;分析了ipsec的兩種安全協議? ? ah和esp ,包括每種協議的安全功能、包格式、應用模式以及對數據包的處理過程;重點研究了安全聯盟( sa )以及兩種模式:傳輸模式和隧道模式,組織和管理sa的手段? ?安全聯盟數據庫( sad ) ,以及安全策略的管理手段? ?安全策略數據庫( spd ) ;最後,對internet密鑰交換( ike )進行了詳細介紹。 -
The operating process of network cipher computer and kdmc are discoursed firstly, then the tcp / ip stack of linux is introduced, and an ipsec realization method with using a cipher card is put forward. triplex key system is adopted for internet key exchange ( ike ). the database and other modules are also designed and implemented
論文論述了網路密碼機和密鑰管理中心的工作流程,接著介紹了linux下tcp / ip內核協議棧,提出了加密卡方案,採用了三重密鑰管理體系實現了internet密鑰自動交換,進行了中心數據庫設計與實現,最後對其它模塊進行了實現。 -
Firstly, it narrates processing of in / out packet, constructing spd ( security policy database ) and sadb ( security association database ), studying ike, realizing the module of encryption algorithm by modifying usnet. secondly, it introduces some ways to improve the capability of the whole system that has implemented ipsec
最後作者論述了自己對系統為實施安全協議所做的調整與優化;同時筆者也對進一步提高系統的可靠性和實時性提出了自己的建議,並在操作系統與協議棧的無縫連接方面進行了初步探討。 -
Firstly, the paper introduce the ipsec architecture, including some basic concepts, for example, security policy, security association, selector, and the component of ipsec architecture such as spd, sad, ah, esp and ike, etc. the processing of ipsec is explained in detail
本文首先對ipsec協議體系作了總結性介紹,包括一些基本概念如安全策略、安全聯盟、選擇符等,以及ipsec協議體系的各個組件如spd , sad , ah , esp , ike等,詳細闡述了ipsec的處理流程。 -
Firstly, ipsec architecture is briefly introduced, including some basic concepts, for example, security policy, security association, selector, and each component of ipsec architecture such as spd, sad, ah, esp and ike, etc. the processing of ipsec is explained in detail, and its merits are summarized
本論文首先對ipsec協議體系作了總結性介紹,包括一些基本概念如安全策略、安全聯盟、選擇符等,以及ipsec協議體系的各個組件如spd 、 sad 、 ah 、 esp 、 ike等,詳細闡述了ipsec的處理流程,並總結了ipsec協議的優點。 -
The author designed and implemented the ike part of ipsec
作者在這個項目中負責設計和實現ipsec協議集中的密鑰交換協議ike 。
分享友人