Host Identity Protocol (HIP) - Andrei Gurtov

Blick ins Buch

Host Identity Protocol (HIP) (eBook)

Towards the Secure Mobile Internet

Andrei Gurtov (Autor)

eBook Download: PDF

2008 | 1. Auflage
332 Seiten
Wiley (Verlag)
978-0-470-77290-4 (ISBN)

Lese- und Medienproben

Ebook-Leseprobe (PDF)

Within the set of many identifier-locator separation designs for the Internet, HIP has progressed further than anything else we have so far. It is time to see what HIP can do in larger scale in the real world. In order to make that happen, the world needs a HIP book, and now we have it. - Jari Arkko, Internet Area Director, IETF One of the challenges facing the current Internet architecture is the incorporation of mobile and multi-homed terminals (hosts), and an overall lack of protection against Denial-of-Service attacks and identity spoofing. The Host Identity Protocol (HIP) is being developed by the Internet Engineering Task Force (IETF) as an integrated solution to these problems. The book presents a well-structured, readable and compact overview of the core protocol with relevant extensions to the Internet architecture and infrastructure. The covered topics include the Bound End-to-End Tunnel Mode for IPsec, Overlay Routable Cryptographic Hash Identifiers, extensions to the Domain Name System, IPv4 and IPv6 interoperability, integration with SIP, and support for legacy applications. Unique features of the book: All-in-one source for HIP specifications Complete coverage of HIP architecture and protocols Base exchange, mobility and multihoming extensions Practical snapshots of protocol operation IP security on lightweight devices Traversal of middleboxes, such as NATs and firewalls Name resolution infrastructure Micromobility, multicast, privacy extensions Chapter on applications, including HIP pilot deployment in a Boeing factory HOWTO for HIP on Linux (HIPL) implementation An important compliment to the official IETF specifications, this book will be a valuable reference for practicing engineers in equipment manufacturing companies and telecom operators, as well as network managers, network engineers, network operators and telecom engineers. Advanced students and academics, IT managers, professionals and operating system specialists will also find this book of interest.

Andrei Gurtov is a senior research scientist leading the Networking Research group at the Helsinki Institute for Information Technology focusing on the Host Identity Protocol and next generation Internet architecture. He received his M.Sc and Ph.D. degrees in Computer Science from the University of Helsinki, Finland. He co-chairs the IRTF research group on HIP and teaches as an adjunct professor at Telecommunications and Multimedia Laboratory of the Helsinki University of Technology.

About the Author.

Foreword. (Jari Arkko)

Foreword. (David Hutchison)

Preface.

Acknowledgments.

Abbreviations.

Part I Introduction.

Chapter 1: Overview.

1.1 Identifierâ??locatorsplit.

1.2 HIPin the Internetarchitecture.

1.3 BriefhistoryofHIP.

1.4 Organization of the book.

Chapter 2: Introduction to network security.

2.1 Goalsof cryptographicprotocols.

2.2 Basics andterminology.

2.3 Attacktypes.

2.4 Defensemechanisms.

2.5 Securityprotocols.

2.6 Weakauthenticationtechniques.

2.7 SecureDNS.

Part II The Host Identity Protocol.

Chapter 3: Architectural overview.

3.1 Internet namespaces.

3.2 Methods of identifying a host.

3.3 OverlayRoutableCryptographicHashIdentifiers.

Chapter 4: Baseprotocol.

4.1 Base exchange.

4.2 OtherHIPcontrolpackets.

4.3 IPsec encapsulation.

Chapter 5: Main extensions.

5.1 Mobility and multihoming.

5.2 Rendezvous server.

5.3 DNSextensions.

5.4 Registrationprotocol.

Chapter 6: Advanced extensions.

6.1 Opportunistic mode.

6.2 Piggybacking transport headers to base exchange.

6.3 HIPservicediscovery.

6.4 Simultaneous multiaccess.

6.5 DisseminatingHITswitha presenceservice.

6.6 Multicast.

Chapter 7: Performance measurements.

7.1 HIPonNokia InternetTablet.

7.2 Experimental results.

7.3 Summary.

Chapter 8: Lightweight HIP.

8.1 Security functionality of HIP.

8.2 HIPhigh-levelgoals.

8.3 LHIPdesign.

8.4 LHIPperformance.

8.5 Discussion.

Part III Infrastructure Support.

Chapter 9: Middlebox traversal.

9.1 Requirements for traversinglegacymiddleboxes.

9.2 LegacyNATtraversal.

9.3 Requirements forHIP-awaremiddleboxes.

9.4 HIP-awarefirewall.

Chapter 10: Name resolution.

10.1 Problemstatementofnaming.

10.2 DistributedHashTables.

10.3 HIPinterface toOpenDHT.

10.4 Overviewofoverlaynetworks.

10.5 Host Identity Indirection Infrastructure.

10.5.1 Separatingcontrol,data, andnaming.

10.5.2 Thedata plane.

10.5.3 Thecontrolplane.

10.5.4 Discussionof theHi3design.

Chapter 11: Micromobility.

11.1 Local rendezvousservers.

11.2 Secure micromobility.

11.3 Network mobility.

Chapter 12: Communication privacy.

12.1 SPINAT.

12.2 BLIND.

12.3 Anonymousidentifiers.

Part IV Applications.

Chapter 13: Possible HIP applications.

13.1 VirtualPrivateNetworking.

13.2 P2PInternetSharingArchitecture.

13.3 InteroperatingIPv4andIPv6.

13.4 SecureMobileArchitecture.

13.5 Liveapplicationmigration.

13.6 NetworkoperatorviewpointonHIP.

Chapter 14: Application interface.

14.1 UsinglegacyapplicationswithHIP.

14.2 API fornativeHIPapplications.

Chapter 15: Integrating HIP with other protocols.

15.1 GeneralizedHIP.

15.2 The use of Session Initiation Protocol.

15.3 EncapsulatingHIPdatausingSRTP.

15.4 ReplacingHIPbase exchangewithIKEv2.

15.5 MobileIPandHIP.

15.6 HIPproxyfor legacyhosts.

Installing and using HIP.

Bibliography.

Index.

"I recommend this book to all software writers and engineers who are working in the context of mobile IP, IPv6, and the future internet. Graduate and advanced undergraduate students who are interested in discovering a practical and challenging application of identity management models and cryptographic protocols will also benefit from this book." (Computing Reviews, May 5, 2009)

Erscheint lt. Verlag	15.9.2008
Reihe/Serie	Wiley Series in Communications Technology
Reihe/Serie	Wiley Series in Communications Technology
Sprache	englisch
Themenwelt	Informatik ► Netzwerke ► Sicherheit / Firewall
	Technik ► Elektrotechnik / Energietechnik
	Technik ► Nachrichtentechnik
Schlagworte	Communication System Security • Communication Technology - Networks • Computer Science • Electrical & Electronics Engineering • Elektrotechnik u. Elektronik • Informatik • Kommunikationsnetz • Kommunikationsnetze • Networking • Netzwerk • Netzwerke • Sicherheit in Kommunikationssystemen
ISBN-10	0-470-77290-5 / 0470772905
ISBN-13	978-0-470-77290-4 / 9780470772904

Haben Sie eine Frage zum Produkt?

PDF (Adobe DRM)
Größe: 3,2 MB

Kopierschutz: Adobe-DRM
Adobe-DRM ist ein Kopierschutz, der das eBook vor Mißbrauch schützen soll. Dabei wird das eBook bereits beim Download auf Ihre persönliche Adobe-ID autorisiert. Lesen können Sie das eBook dann nur auf den Geräten, welche ebenfalls auf Ihre Adobe-ID registriert sind.
Details zum Adobe-DRM

Dateiformat: PDF (Portable Document Format)
Mit einem festen Seitenlayout eignet sich die PDF besonders für Fachbücher mit Spalten, Tabellen und Abbildungen. Eine PDF kann auf fast allen Geräten angezeigt werden, ist aber für kleine Displays (Smartphone, eReader) nur eingeschränkt geeignet.

Systemvoraussetzungen:
PC/Mac: Mit einem PC oder Mac können Sie dieses eBook lesen. Sie benötigen eine Adobe-ID und die Software Adobe Digital Editions (kostenlos). Von der Benutzung der OverDrive Media Console raten wir Ihnen ab. Erfahrungsgemäß treten hier gehäuft Probleme mit dem Adobe DRM auf.
eReader: Dieses eBook kann mit (fast) allen eBook-Readern gelesen werden. Mit dem amazon-Kindle ist es aber nicht kompatibel.
Smartphone/Tablet: Egal ob Apple oder Android, dieses eBook können Sie lesen. Sie benötigen eine Adobe-ID sowie eine kostenlose App.
Geräteliste und zusätzliche Hinweise

Buying eBooks from abroad
For tax law reasons we can sell eBooks just within Germany and Switzerland. Regrettably we cannot fulfill eBook-orders from other countries.

Print-Ausgabe

Buch | Hardcover

104,81 €