Article Preview
Top1. Introduction
The concept of cloud computing offers new methods and approaches for information processing and data transmission and however, the Federal CIO Vivek Kundra has emphasized that information security is still a top concern about cloud computing (Worthen, 2009). For instance, In Cloud, the data and associated software are not under their control (Aljawarneh, 2011).The increasing demand for communication over public networks has brought with it a need to securely protect sensitive information sent over this open network (Alhaj, 2013). The TLS protocol has become a de facto standard for cryptographic protection of the Internet http traffic. After developing its limitations, TLS3.0 aims to provide Internet client/ server applications with a practical security mechanism (Rescotla, 2001).
IPSec is a suite of protocols designed to provide high quality cryptographically-based security for IPv4 and IPv6. IPSec provides security services: access control, integrity, authentication, confidentiality (encryption), and replay protection to the IP layer as well as the layers above (Stallings, 2003).
IPSec is a suite of protocols that adds security to communications at the IP level. This suite of protocols is becoming more and more important as it is included as mandatory security mechanism in IPv6. IPSec is mainly composed of two protocols, Authentication Header (AH) and Encapsulating Security Payload (ESP). The former allows authentication of each IP datagram’s selected header fields or depending on the operational mode that has been selected – of the entire IP datagram. The latter allows encryption – and optionally authentication – of the entire IP datagram or of the IP payload, depending on the operational mode that has been selected, namely the transport and the tunnel modes. The former was designed for being used in host machines, while the latter is for secure gateways. In tunnel mode the entire original IP datagram is processed; the result becoming the data payload of a new IP datagram with a new IP header. In transport mode only parts of the original IP datagram are processed (e.g., the data payload for the ESP protocol) and the original IP header is kept with some small modifications. Through encryption, authentication, and other security mechanisms included in IPSec (e.g., anti-reply), data confidentiality, data authentication, and peer’s identity authentication can be provided [1, 2, 3].
The SDTM will investigate IPSec to secure the communication between one or more paths, between two pairs of hosts, between a pair of security gateways, and a host and a security gateway (SG). This is why we will compare between TLS and the SDTM to show the properties of the SDTM.
1.1. Description of the SDTM
The main goal of the S SDTM is to data transmission algorithm with preemption control algorithm in heterogeneous networks and providing quality of service data transmission: possibly, maximizing throughput, minimizing delay and lost packets by implementing the strongest security strategy and investigating various security algorithms.