IRMA-International.org: Creator of Knowledge
Information Resources Management Association
Advancing the Concepts & Practices of Information Resources Management in Modern Organizations

Towards Better Key Exchange Performance in IPSec-Based VPNs

Towards Better Key Exchange Performance in IPSec-Based VPNs
View Free PDF
Author(s): Yongqing Han (Cisco Systems, Inc., USA), Dorina Petriu (Carleton University, Canada) and George Yee (National Research Council, Canada)
Copyright: 2004
Pages: 4
Source title: Innovations Through Information Technology
Source Editor(s): Mehdi Khosrow-Pour, D.B.A. (Information Resources Management Association, USA)
DOI: 10.4018/978-1-59140-261-9.ch153
ISBN13: 9781616921255
EISBN13: 9781466665347

Abstract

Virtual Private Networks (VPNs) provide an inexpensive and scalable solution for the transfer of sensitive data through an unsecured network by creating a “tunnel” from sender to receiver. One of the most popular protocols for creating VPNs is the IPSec protocol suite, where secure key negotiation and exchange must be done first, before any encryption of data can take place. This article examines the latest VPN technologies focusing on one of the factors that have an effect on VPN performance and scalability, namely security key management. A new aggregation key exchange approach compatible to current technologies is proposed for improving the key exchange performance in large VPN systems. The new approach represents a trade-off between performance and security. A simulation model based on the Network Simulator (ns) was developed for this new approach. Simulation experiments for various scenarios were conducted and their results were compared to the traditional key exchange scheme.

Body Bottom