E-Book, Englisch, 332 Seiten, E-Book
Gurtov Host Identity Protocol (HIP)
1. Auflage 2008
ISBN: 978-0-470-77290-4
Verlag: John Wiley & Sons
Format: PDF
Kopierschutz: Adobe DRM (»Systemvoraussetzungen)
Towards the Secure Mobile Internet
E-Book, Englisch, 332 Seiten, E-Book
Reihe: Wiley Series in Communications Technology
ISBN: 978-0-470-77290-4
Verlag: John Wiley & Sons
Format: PDF
Kopierschutz: Adobe DRM (»Systemvoraussetzungen)
"Within the set of many identifier-locator separationdesigns for the Internet, HIP has progressed further than anythingelse we have so far. It is time to see what HIP can do in largerscale in the real world. In order to make that happen, the worldneeds a HIP book, and now we have it." - Jari Arkko,Internet Area Director, IETF
One of the challenges facing the current Internet architectureis the incorporation of mobile and multi-homed terminals (hosts),and an overall lack of protection against Denial-of-Service attacksand identity spoofing. The Host Identity Protocol (HIP) is beingdeveloped by the Internet Engineering Task Force (IETF) as anintegrated solution to these problems. The book presents awell-structured, readable and compact overview of the core protocolwith relevant extensions to the Internet architecture andinfrastructure. The covered topics include the Bound End-to-EndTunnel Mode for IPsec, Overlay Routable Cryptographic HashIdentifiers, extensions to the Domain Name System, IPv4 and IPv6interoperability, integration with SIP, and support for legacyapplications.
Unique features of the book:
* All-in-one source for HIP specifications
* Complete coverage of HIP architecture and protocols
* Base exchange, mobility and multihoming extensions
* Practical snapshots of protocol operation
* IP security on lightweight devices
* Traversal of middleboxes, such as NATs and firewalls
* Name resolution infrastructure
* Micromobility, multicast, privacy extensions
* Chapter on applications, including HIP pilot deployment in aBoeing factory
* HOWTO for HIP on Linux (HIPL) implementation
An important compliment to the official IETF specifications,this book will be a valuable reference for practicing engineers inequipment manufacturing companies and telecom operators, as well asnetwork managers, network engineers, network operators and telecomengineers. Advanced students and academics, IT managers,professionals and operating system specialists will also find thisbook of interest.
Autoren/Hrsg.
Weitere Infos & Material
About the Author.
Foreword. (Jari Arkko)
Foreword. (David Hutchison)
Preface.
Acknowledgments.
Abbreviations.
Part I Introduction.
Chapter 1: Overview.
1.1 Identifierâ??locatorsplit.
1.2 HIPin the Internetarchitecture.
1.3 BriefhistoryofHIP.
1.4 Organization of the book.
Chapter 2: Introduction to network security.
2.1 Goalsof cryptographicprotocols.
2.2 Basics andterminology.
2.3 Attacktypes.
2.4 Defensemechanisms.
2.5 Securityprotocols.
2.6 Weakauthenticationtechniques.
2.7 SecureDNS.
Part II The Host Identity Protocol.
Chapter 3: Architectural overview.
3.1 Internet namespaces.
3.2 Methods of identifying a host.
3.3 OverlayRoutableCryptographicHashIdentifiers.
Chapter 4: Baseprotocol.
4.1 Base exchange.
4.2 OtherHIPcontrolpackets.
4.3 IPsec encapsulation.
Chapter 5: Main extensions.
5.1 Mobility and multihoming.
5.2 Rendezvous server.
5.3 DNSextensions.
5.4 Registrationprotocol.
Chapter 6: Advanced extensions.
6.1 Opportunistic mode.
6.2 Piggybacking transport headers to base exchange.
6.3 HIPservicediscovery.
6.4 Simultaneous multiaccess.
6.5 DisseminatingHITswitha presenceservice.
6.6 Multicast.
Chapter 7: Performance measurements.
7.1 HIPonNokia InternetTablet.
7.2 Experimental results.
7.3 Summary.
Chapter 8: Lightweight HIP.
8.1 Security functionality of HIP.
8.2 HIPhigh-levelgoals.
8.3 LHIPdesign.
8.4 LHIPperformance.
8.5 Discussion.
Part III Infrastructure Support.
Chapter 9: Middlebox traversal.
9.1 Requirements for traversinglegacymiddleboxes.
9.2 LegacyNATtraversal.
9.3 Requirements forHIP-awaremiddleboxes.
9.4 HIP-awarefirewall.
Chapter 10: Name resolution.
10.1 Problemstatementofnaming.
10.2 DistributedHashTables.
10.3 HIPinterface toOpenDHT.
10.4 Overviewofoverlaynetworks.
10.5 Host Identity Indirection Infrastructure.
10.5.1 Separatingcontrol,data, andnaming.
10.5.2 Thedata plane.
10.5.3 Thecontrolplane.
10.5.4 Discussionof theHi3design.
Chapter 11: Micromobility.
11.1 Local rendezvousservers.
11.2 Secure micromobility.
11.3 Network mobility.
Chapter 12: Communication privacy.
12.1 SPINAT.
12.2 BLIND.
12.3 Anonymousidentifiers.
Part IV Applications.
Chapter 13: Possible HIP applications.
13.1 VirtualPrivateNetworking.
13.2 P2PInternetSharingArchitecture.
13.3 InteroperatingIPv4andIPv6.
13.4 SecureMobileArchitecture.
13.5 Liveapplicationmigration.
13.6 NetworkoperatorviewpointonHIP.
Chapter 14: Application interface.
14.1 UsinglegacyapplicationswithHIP.
14.2 API fornativeHIPapplications.
Chapter 15: Integrating HIP with other protocols.
15.1 GeneralizedHIP.
15.2 The use of Session Initiation Protocol.
15.3 EncapsulatingHIPdatausingSRTP.
15.4 ReplacingHIPbase exchangewithIKEv2.
15.5 MobileIPandHIP.
15.6 HIPproxyfor legacyhosts.
Installing and using HIP.
Bibliography.
Index.
