Advanced Language Processing and Web Information Technology, International Conference on (2008)
July 23, 2008 to July 25, 2008
DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/ALPIT.2008.23
The Internet Key Exchange (IKE) protocol is most widely used as a security key exchange protocol on the Internet. For example, IPSec protocol uses IKE protocol as its mandatory key exchange protocol. The various parameters of the IKE protocol must be configured in advance before establishing a connection. However, its complex options and manual settings diminish in usability. This paper proposes a negotiation management method for the IKE protocol based on X.509, called NeoMAN. We make use of the extension field of the X.509 certificate to carry IKE configuration profiles with and design a Negotiation Assistant Module (NAM) to hold the management processes. Our proposed method reduces the complexity of the configuration process, improves the adaptability of the IKE protocol, and also provides a centralized IKE management approach.
IKE, X.509, Negotiation management, automatic configuration, security policy, certificate
Z. Zhao, I. H. Kim, K. S. Ko, Y. I. Eom and J. H. Kim, "NeoMAN: Negotiation Management Method for IKE Protocol Based on X.509," Advanced Language Processing and Web Information Technology, International Conference on(ALPIT), vol. 00, no. , pp. 335-340, 2008.