University of Camerino
Current security protocols such as IPSec and TLS/SSL provide security mechanisms to authenticate and protect the communication between end-hosts over the Internet. Nonetheless, the arise of new communication scenarios, e.g., mobility and heterogeneous networks has exposed some technical limitations of these protocols. Both protocols employ the IP address as end-host identifier to establish security associations between the parties, entangling the end-host identification with its topological location. In order to overcome these limitations, the authors propose the IDentification layer Security (IDSec), a security model to provide authentication based on public key cryptography with Denial of Service (DoS) attack resistance capabilities and data integrity and confidentiality.