Security Association Database
E522220
The Security Association Database is a collection of active IPsec security associations that store the parameters and keys used to protect network traffic according to the system’s security policies.
Observed surface forms (1)
| Surface form | Occurrences |
|---|---|
| IPsec Security Association model | 1 |
Statements (44)
| Predicate | Object |
|---|---|
| instanceOf | IPsec component; network security data structure |
| alsoKnownAs | SAD |
| associatedWith | Security Policy Database |
| contains | encryption algorithm identifiers; integrity algorithm identifiers; mode of operation for each SA; path MTU or related parameters for SAs |
| containsEntriesFor | unidirectional security associations |
| contributesTo | anti-replay protection; confidentiality of IP traffic; integrity of IP traffic |
| definedIn | IPsec architecture |
| ensures | availability of parameters for packet processing |
| implementedIn | IPsec-capable routers; VPN gateways; operating system network stack |
| indexedBy | IPsec protocol (AH or ESP); Security Parameters Index; destination IP address |
| lifetimeControlledBy | security association lifetimes |
| maintainedBy | IKE; IPsec key management mechanisms; manual keying procedures |
| relatedTo | IPsec transport mode; IPsec tunnel mode; key management protocols |
| role | runtime state repository for IPsec SAs |
| scope | per IPsec endpoint |
| specifiedBy | RFC 4301 |
| stores | IPsec security associations; anti-replay information; cryptographic keys; lifetime information for security associations; security parameters; sequence number state |
| updatedWhen | security associations are created; security associations are deleted; security associations are rekeyed |
| usedBy | Authentication Header; Encapsulating Security Payload; IPsec implementation |
| usedFor | enforcing IPsec security policies; protecting IP network traffic |
Referenced by (2)
Full triples — surface form annotated when it differs from this entity's canonical label.