Mutual remote attestation in IPSec based VPN.
Secure communication between computer systems is normally established using secure tunnel technologies such as Internet Protocol Security (IPSec). The IPSec protocol guarantees authenticity of communication and secures the data at each gateway, but it does not provide any assurance on the entity authentic...
Main Authors: | Abd Aziz, Norazah; Setapa, Sharipah; Udzir, Nur Izura |
---|---|
Format: | Conference or Workshop Item |
Language: | English |
Published: | 2012 |
Online Access: | http://psasir.upm.edu.my/id/eprint/27710/1/ID%2027710.pdf http://psasir.upm.edu.my/id/eprint/27710/ |
Institution: | Universiti Putra Malaysia |
id |
my.upm.eprints.27710 |
---|---|
record_format |
eprints |
spelling |
my.upm.eprints.27710 2014-06-18T01:29:01Z http://psasir.upm.edu.my/id/eprint/27710/ Abd Aziz, Norazah and Setapa, Sharipah and Udzir, Nur Izura (2012) Mutual remote attestation in IPSec based VPN. In: 3rd International Conference on Cryptology & Computer Security 2012 (Cryptology2012), 4-6 June 2012, Langkawi, Malaysia. (pp. 1-5). (Unpublished) Conference or Workshop Item. NonPeerReviewed. application/pdf. |
institution |
Universiti Putra Malaysia |
building |
UPM Library |
collection |
Institutional Repository |
continent |
Asia |
country |
Malaysia |
content_provider |
Universiti Putra Malaysia |
content_source |
UPM Institutional Repository |
url_provider |
http://psasir.upm.edu.my/ |
language |
English |
description |
Secure communication between computer systems is normally established using secure tunnel technologies such as Internet Protocol Security (IPSec). The IPSec protocol guarantees authenticity of communication and secures the data at each gateway, but it does not provide any assurance on the entity authentication. So, it is important to ensure the trustworthiness of the remote party that already has a faithful system. The Trusted Computing Group (TCG) has introduced a platform to solve this issue into the mainstream computer industry through its main approach, called the Trusted Platform Module (TPM). The TPM is a security module designed to store information about system events securely, and it is the key component in realizing attestation. The Trusted Computing Platform (TCP) provides a mechanism to support attestation through its Platform Configuration Registers (PCR), which have become the integrity measurement of a platform. Attestation is a mechanism to provide remote assurance of the state of the hardware component running on a computing device. This paper proposes an extension to the IPSec key exchange protocol by establishing properties-based attestation using a key management service. An embedded attestation extension is provided in VPN communication such as the IPSec protocol by establishing mutual properties-based attestation using the key management service (KeyMS) measurement value as properties. Hence, the proposed approach will protect the integrity of both the sender's and the receiver's platforms at their respective gateways. |
format |
Conference or Workshop Item |
author |
Abd Aziz, Norazah Setapa, Sharipah Udzir, Nur Izura |
title |
Mutual remote attestation in IPSec based VPN. |