An association between two nodes that specifies security parameters, including cryptography algorithm, cryptography key and expiration time.
a combination of a destination address, a security protocol, and a unique identification value, called a Security Parameters Index (SPI)
a combination of your IP addresses, an SPI, and your security protocol (AH and/or ESP)
a commonly used term in cryptographic systems (e
a management tool used to enforce a security policy in the IPsec environment
an administrative grouping of site managers who have agreed to use common procedures to control security elements such as encryption keys, encryption algorithms, and identification methods
a security-protocol-specific set of parameters that completely defines the services and mechanisms necessary to protect traffic at that security protocol location
a set of parameters that determine how two or more routers use security services
a unique identifier that consists of a Security Parameters Index (SPI), an IP Destination Address, and a security protocol (AH or ESP) identifier
A set of parameters that defines the services and mechanisms necessary to protect Internet Protocol security communications. See also Internet Protocol security (IPSec).
An IPSec security association (SA) is a description of how two or more entities will use security services in the context of a particular security protocol (AH or ESP) to communicate securely on behalf of a particular data flow. It includes such things as the transform and the shared secret keys to be used for protecting the traffic. The IPSec security association is established either by IKE or by manual user configuration. Security associations are uni-directional and are unique per security protocol. So when security associations are established for IPSec, the security associations (for each protocol) for both directions are established at the same time. When using IKE to establish the security associations for the data flow, the security associations are established when needed and expire after a period of time (or volume of traffic). If the security associations are manually established, they are established as soon as the necessary configuration is completed and do not expire.
A secure communication channel and its parameters, such as encryption method, keys and lifetime.
Terminology in for one secret key together with one set of cryptographic parameters agreed upon during the authentication and key exchange process.
An IPSec term that describes an agreement between two parties about what authentication and encryption algorithms, key exchange mechanisms and rules to use for secure communications.
The IPSEC mechanism by which the management of authentication and encryption algorithms and their keys is decoupled from the suite of IPSEC protocols. A bidirectional communications session (A-B) will normally have one Security Association (SA) for each direction: one for A-B traffic, and another for B-A traffic. The SPI, a 32-bit number contained in the packet, identifies the SA and, hence, the algorithms and keys to be used in the processing of the packet.
A security association (SA) is the establishment of shared security information between two network entities to support secure communication. An SA may include cryptographic keys, initialization vectors or digital certificates.