Research on security policy of IPSec remote access VPN

Source: Internet
Author: User

1 Introduction

With the rapid growth of public networks such as the Internet and the trend towards international economic integration, enterprises increasingly need to exchange information over networks. How to guarantee the security and efficiency of that communication at the lowest cost is a question of great concern to them. The popular solution is to use tunneling technology to establish a secure virtual private network (VPN) on top of an insecure public network such as the Internet.

IPSec is a protocol suite used to implement VPNs; it is being deployed more and more widely and is set to become the main standard for virtual private networks. Although IPSec is already a comprehensive and powerful IP security protocol, it is still not a complete solution for every configuration, and some issues remain to be addressed. In this paper, based on an analysis of the IPSec-related protocols and of the security policy problem of the IPSec protocol family, we propose centralized security policy management for the remote access model and study a management system for it.

2 IPSec VPN

The IPSec protocol suite provides interoperable, high-quality, cryptography-based security for IPv4 and IPv6, including access control, connectionless integrity, data origin authentication, protection against replay attacks, encryption of information, and traffic-flow confidentiality. All of these services operate at the IP layer and protect the upper-layer protocols. They are implemented through two security protocols, the Authentication Header (AH) [RFC 2402] and the Encapsulating Security Payload (ESP) [RFC 2406], together with cryptographic key management procedures and protocols. These include the Internet Security Association (SA) and Key Management Protocol (ISAKMP) [RFC 2408] and the Internet Key Exchange protocol (IKE) [RFC 2409].

2.1 Authentication Header (AH) protocol. The purpose of this protocol is to increase the security of IP packets. AH provides connectionless integrity, data origin authentication, and replay protection services.

2.2 Encapsulating Security Payload (ESP) protocol. The purpose of this protocol, like that of the Authentication Header (AH), is to improve IP security. ESP provides data confidentiality, data origin authentication, connectionless integrity, replay protection, and limited traffic-flow confidentiality.

Both AH and ESP support two modes of operation: transport mode and tunnel mode. Transport mode provides security for upper-layer protocols: it protects the payload of the IP packet, that is, upper-layer protocols such as TCP, UDP, and ICMP. Tunnel mode protects the entire IP packet.

2.3 Internet Security Association and Key Management Protocol (ISAKMP). This protocol defines procedures and packet formats for negotiating, establishing, modifying, and deleting an SA. ISAKMP provides a common framework for SA attribute formats and methods for negotiating, modifying, and deleting SAs that can be used by different key exchange protocols. ISAKMP is designed to be independent of any key exchange protocol, so it is not tied to any specific key exchange protocol, cryptographic algorithm, key generation technique, or authentication mechanism.

2.4 IKE. IKE is a protocol that negotiates and provides authenticated keying material in a protected manner. IKE is a hybrid protocol that uses the relevant parts of three different protocols: the Internet Security Association and Key Management Protocol (ISAKMP) [MSST98], the Oakley key determination protocol [ORM98], and SKEME [Kra96]. IKE provides the IPSec parties with keying material from which encryption keys and authentication keys are generated. Similarly, IKE uses ISAKMP to negotiate SAs for the other IPSec protocols (AH and ESP).
