M.F. Cowlishaw
IBM Systems Journal
In this paper we present the design, rationale, and implementation of a security architecture for protecting the secrecy and integrity of Internet traffic at the Internet Protocol (IP) layer. The design includes three components: (1) a security policy for determining when, where, and how security measures are to be applied; (2) a modular key management protocol, called MKMP, for establishing shared secrets between communicating parties and meta-information prescribed by the security policy; and (3) the IP Security Protocol, as it is being standardized by the Internet Engineering Task Force, for applying security measures using information provided through the key management protocol. Effectively, these three components together allow for the establishment of a secure channel between any two communicating systems over the Internet. This technology is a component of IBM's firewall product and is now being ported to other IBM computer platforms.
M.F. Cowlishaw
IBM Systems Journal
Elena Cabrio, Philipp Cimiano, et al.
CLEF 2013
Pradip Bose
VTS 1998
Raymond Wu, Jie Lu
ITA Conference 2007