One of the challenges facing the current Internet architecture is the incorporation of mobile and multi-homed terminals (hosts), and an overall lack of protection against Denial-of-Service attacks and identity spoofing. The Host Identity Protocol (HIP) is being developed by the Internet Engineering Task Force (IETF) as an integrated solution to these problems. The book presents a well-structured, readable and compact overview of the core protocol with relevant extensions to the Internet architecture and infrastructure. The covered topics include the Bound End-to-End Tunnel Mode for IPsec, Overlay Routable Cryptographic Hash Identifiers, extensions to the Domain Name System, IPv4 and IPv6 interoperability, integration with SIP, and support for legacy applications.
Unique features of the book:
- All-in-one source for HIP specifications - Complete coverage of HIP architecture and protocols - Base exchange, mobility and multihoming extensions - Practical snapshots of protocol operation - IP security on lightweight devices - Traversal of middleboxes, such as NATs and firewalls - Name resolution infrastructure - Micromobility, multicast, privacy extensions - Chapter on applications, including HIP pilot deployment in a Boeing factory - HOWTO for HIP on Linux (HIPL) implementation
An important compliment to the official IETF specifications, this book will be a valuable reference for practicing engineers in equipment manufacturing companies and telecom operators, as well as network managers, network engineers, network operators and telecom engineers. Advanced students and academics, IT managers, professionals and operating system specialists will also find this book of interest.
Foreword. (Jari Arkko)
Foreword. (David Hutchison)
Part I Introduction.
Chapter 1: Overview.
1.2 HIPin the Internetarchitecture.
1.4 Organization of the book.
Chapter 2: Introduction to network security.
2.1 Goalsof cryptographicprotocols.
2.2 Basics andterminology.
Part II The Host Identity Protocol.
Chapter 3: Architectural overview.
3.1 Internet namespaces.
3.2 Methods of identifying a host.
Chapter 4: Baseprotocol.
4.1 Base exchange.
4.3 IPsec encapsulation.
Chapter 5: Main extensions.
5.1 Mobility and multihoming.
5.2 Rendezvous server.
Chapter 6: Advanced extensions.
6.1 Opportunistic mode.
6.2 Piggybacking transport headers to base exchange.
6.4 Simultaneous multiaccess.
6.5 DisseminatingHITswitha presenceservice.
Chapter 7: Performance measurements.
7.1 HIPonNokia InternetTablet.
7.2 Experimental results.
Chapter 8: Lightweight HIP.
8.1 Security functionality of HIP.
Part III Infrastructure Support.
Chapter 9: Middlebox traversal.
9.1 Requirements for traversinglegacymiddleboxes.
9.3 Requirements forHIP-awaremiddleboxes.
Chapter 10: Name resolution.
10.3 HIPinterface toOpenDHT.
10.5 Host Identity Indirection Infrastructure.
10.5.1 Separatingcontrol,data, andnaming.
10.5.2 Thedata plane.
10.5.4 Discussionof theHi3design.
Chapter 11: Micromobility.
11.1 Local rendezvousservers.
11.2 Secure micromobility.
11.3 Network mobility.
Chapter 12: Communication privacy.
Part IV Applications.
Chapter 13: Possible HIP applications.
Chapter 14: Application interface.
14.2 API fornativeHIPapplications.
Chapter 15: Integrating HIP with other protocols.
15.2 The use of Session Initiation Protocol.
15.4 ReplacingHIPbase exchangewithIKEv2.
15.6 HIPproxyfor legacyhosts.
Installing and using HIP.