A new protection boundary model for internetwork security is presented, and a security protocol suitable for the model is proposed. Intermediate systems of the model do not provide security of service or confidentiality, but do provide authentication and integrity. The system does not require that the intermediate systems be fully secure; thus it is practical and can be easily implemented. Data between destination hosts are also protected through the confidentiality service, for which session keys are distributed under the proposed protocol with peer entity authentication.