Security Association (SA)

• For every traffic to be protected, we need to associate with it the security services and keys (how to protect) and the remote peer (with whom).

• Security Association forms a contract between two communicating entities.

• Unidirectional: each host/router A creates

  • SAout for processing outbound packets
  • SAinfor processing incoming packets

• SA is protocol specific

• SAout of host A shares the same parameters as SAin of host B

Previous slide

Next slide

Back to first slide

View graphic version