Ȩ > Ç¥ÁØÈ °³¿ä > TTAÀÇ Ç¥ÁØÇöȲ
Ç¥ÁعøÈ£ | [ÆóÁö] TTAE.IF-RFC5996 | ±¸Ç¥ÁعøÈ£ | |
---|---|---|---|
Á¦°³Á¤ÀÏ | 2014-12-17 | ÃÑÆäÀÌÁö | 153 |
ÇѱÛÇ¥Áظí | ÀÎÅÍ³Ý Å° ±³È¯(IKEv2) ÇÁ·ÎÅäÄÝ | ||
¿µ¹®Ç¥Áظí | Internet Key Exchange Protocol Version 2 (IKEv2) | ||
Çѱ۳»¿ë¿ä¾à | IKEv2 ÇÁ·ÎÅäÄÝÀº Á¾´Ü °£ ¾ÈÀüÇÏ°Ô Åë½ÅÇϱâ À§ÇØ SA Çù»óÀ» °ÅÃÄ ¾ÏÈ£ÈµÈ Å°¸¦ ±³È¯ÇÑ´Ù. º» Ç¥ÁØ¿¡¼ Á¦½ÃÇÏ´Â IKEv2´Â ±âÁ¸ IKEv1 ÀÇ 3 °¡Áö Ç¥ÁØ ¹®¼¸¦ 1°³ ¹®¼·Î ÅëÇÕÇÏ°í, Phase 1¿¡¼ ±³È¯µÇ¾î¾ß Çß´ø ¸Þ½ÃÁö°¡ 6°³¿¡¼ 4°³·Î º¯ÈµÇ¾ú´Ù. ¶ÇÇÑ, ¼ºñ½º °ÅºÎ(DoS) °ø°ÝÀ» °í·ÁÇÏ¿© ÄíÅ°¸¦ ÀÌ¿ëÇÑ º¸¾È ´ëÀÀÃ¥ÀÌ Æ÷ÇԵǾî ÀÖÀ¸¸ç, NAT Àåºñ¸¦ À§ÇØ Á¾´Ü °£ ÀÎÁõ ¹× ÆÐŶ ĸ½¶È¸¦ Áö¿øÇÒ ¼ö Àִ Ư¡À» °®°í ÀÖ´Ù. | ||
¿µ¹®³»¿ë¿ä¾à | This standard defines IKEv2 protocol to perform a key exchange of the SA negotiation to exchange encrypted data. IKEv2 Protocol is integrated into one document the standard documents of the existing three and The Message of phase 1 was simplified to four from six existing. The security measures in consideration Denial of Service (DoS) attacks, using cookies is included, and it has a feature that can support the encapsulation and packet authentication across for the NAT devices. | ||
±¹Á¦Ç¥ÁØ | |||
°ü·ÃÆÄÀÏ | TTAE.IF-RFC5996.pdf |
- ÀÌÀü
- HMAC ±â¹Ý Å° À¯µµ ÇÔ¼ö
- ´ÙÀ½
- Çؽà ÇÔ¼ö LSH