Browse > Article

Design of the Security Evaluation System for Internet Secure Connectivity Assurance Platform  

김상춘 (삼척대학교 정보통신공학과)
한근희 (공주대학교 응용수학과)
Publication Information
Journal of KIISE:Information Networking / v.31, no.2, 2004 , pp. 207-216 More about this Journal
Abstract
IPsec protocol has been developed to provide security services to Internet. Recently IPsec is implemented on the various operating systems Hence, it is very important to evaluate the stability of the Ipsec protocol as well as other protocols that provide security services. However, there has been little effort to develop the tools that require to evaluate the stability of IPsec protocols. Therefore, in this paper, we develope the security requirements and suggest a security evaluation system for the Internet packet protection protocols that provide security services at the If level that can be used to check if the security protocols Provide the claimed services correctly This system can be used as debugging tool for developing IPsec based security system.
Keywords
security evaluation system; IPsec protocol; Security Vulnerability;
Citations & Related Records
연도 인용수 순위
  • Reference
1 Larry J. Hughes, Jr., Actually Useful Internet Security Techniques, New Riders Publishing
2 이재승, 김상춘, 이종태, 김경범, 손승원, '대규모 네트워크 환경하에서의 침해사고 예방을 위한 보안성 평가 시스템 설계', 제12회 정보 보호와 암호에 관한 학술대회(WISC 2000), pp. 160-176, 2000
3 LANguard Network&Port scanner, http://www.gfi.com/languard/lanscan.htm
4 FreeS/WAN, http://ipv6.iabg.de/
5 ISS, Network and Host-based Vulnerability Assesment, AXENT, http://www.axcent.com
6 Cisco Scanner, http://www.cisco.com/univercd/cc/td/doc/pcat/nssq.htm
7 IETF RFC2407, 'The Internet IP Security Domain of Interpretation for ISAKMP'
8 IETF RFC2401, 'Security Architecture for the Internet Protocol'
9 IETF RFC2402, 'IP Authentication Header(AH)'
10 IETF RFC2406, 'IP Encapsulating Security Pay-load(ESP)'
11 IETF RFC2408, 'ISAKMP'
12 IETF RFC2409, 'The Internet Key Exchange(IKE)'
13 한국전산원, '정보시스템 보안을 위한 위험 분석 소프트웨어 개발 보고서', 1997
14 J.H.Jeong, J.H.Nah, S.W.Sohn and J.T.Lee, 'C-ISCAP: Controlled-Internet Secure Connectivity Assurance Platform,' Proc. of the IEEE International Conference on Enterprise Information systems(ICEIS2001), Vol. 2, pp. 920-925, Setubal, Protugal
15 Inzen Home Page, http://www.inzen.com
16 이재승, 김상춘, 김경범, 손승원, '대규모 네트워크 보안성 분석 자동화를 위한 보안성 평가 시스템의 설계', 제5회 통신소프트웨어 학술대회 COMSW2000 (The 5th Conference on communication Software), pp. 172-176
17 Vulnerability Testing, http://esperosun.chungnam.ac.kr/~jmkim/firewall/vulnerability/vul00.html
18 Kane Security Analyst Product Home Page, http://www.mantech.co.kr/ksa.html