{"title":"传输层协议中的安全机制","authors":"Victor L Voydock, Stephen T Kent","doi":"10.1016/0376-5075(84)90006-0","DOIUrl":null,"url":null,"abstract":"<div><p>This paper describes how the error detection and recovery mechanisms of the proposed National Bureau of Standards (NBS) transport layer protocol can be easily extended to provide secure transmission of information. The security mechanisms are based on the Data Encryption Standard (DES) of the NBS. Two distinct security architectures are described. In the first, the DES hardware is a peripheral I/O device of the computer in which the transport layer resides. In the other, encryption is performed by a hardware device located in the data path between the transport layer and the network layer. The paper argues that, in the long run, the transport layer should be implemented in a front end computer equipped with a DES peripheral. This isolates it from (possibly untrustworthy) host software, and greatly simplifies the job of certifying its correct behavior.</p></div>","PeriodicalId":100316,"journal":{"name":"Computer Networks (1976)","volume":"8 5","pages":"Pages 433-449"},"PeriodicalIF":0.0000,"publicationDate":"1984-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://sci-hub-pdf.com/10.1016/0376-5075(84)90006-0","citationCount":"15","resultStr":"{\"title\":\"Security mechanisms in a transport layer protocol\",\"authors\":\"Victor L Voydock, Stephen T Kent\",\"doi\":\"10.1016/0376-5075(84)90006-0\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"<div><p>This paper describes how the error detection and recovery mechanisms of the proposed National Bureau of Standards (NBS) transport layer protocol can be easily extended to provide secure transmission of information. The security mechanisms are based on the Data Encryption Standard (DES) of the NBS. Two distinct security architectures are described. In the first, the DES hardware is a peripheral I/O device of the computer in which the transport layer resides. In the other, encryption is performed by a hardware device located in the data path between the transport layer and the network layer. The paper argues that, in the long run, the transport layer should be implemented in a front end computer equipped with a DES peripheral. This isolates it from (possibly untrustworthy) host software, and greatly simplifies the job of certifying its correct behavior.</p></div>\",\"PeriodicalId\":100316,\"journal\":{\"name\":\"Computer Networks (1976)\",\"volume\":\"8 5\",\"pages\":\"Pages 433-449\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"1984-10-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"https://sci-hub-pdf.com/10.1016/0376-5075(84)90006-0\",\"citationCount\":\"15\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Computer Networks (1976)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://www.sciencedirect.com/science/article/pii/0376507584900060\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Computer Networks (1976)","FirstCategoryId":"1085","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/0376507584900060","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
This paper describes how the error detection and recovery mechanisms of the proposed National Bureau of Standards (NBS) transport layer protocol can be easily extended to provide secure transmission of information. The security mechanisms are based on the Data Encryption Standard (DES) of the NBS. Two distinct security architectures are described. In the first, the DES hardware is a peripheral I/O device of the computer in which the transport layer resides. In the other, encryption is performed by a hardware device located in the data path between the transport layer and the network layer. The paper argues that, in the long run, the transport layer should be implemented in a front end computer equipped with a DES peripheral. This isolates it from (possibly untrustworthy) host software, and greatly simplifies the job of certifying its correct behavior.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
