Design and Implementation of IPsec VPN IoT Gateway System in National Secret Algorithm
DOI:
https://doi.org/10.13052/jcsm2245-1439.1345Keywords:
IPsec, National secret algorithm, PFRING, Security gateway, Expressway.Abstract
With the development of Internet of Things technology, the security threats faced by the industrial control field are increasing, and strengthening the security protection capabilities of intelligent systems on IoT highways is becoming increasingly important. IPSec VPN tunneling technology can achieve identity authentication and encrypted data transmission, and is an important means to achieve secure data transmission in intelligent systems on Expressway intelligent tunnel system. The commonly used IPSec VPN gateway uses a traditional Linux protocol stack-based approach for data capture, which requires multiple data copies and context switching, resulting in low efficiency of IPSec services. In addition, the commonly used IPSec VPN security gateway is implemented on the basis of the open-source IPSec framework, using internationally recognized algorithms for encryption and decryption, which poses security risks. This article is based on the IPSec protocol, and studies the high-speed network packet capture framework PFRING technology, the fusion technology of national secret algorithm and IPSec protocol. It designs and implements an IPSec VPN IoT security gateway based on national secret algorithm. After experimental verification, the IPSec VPN gateway system constructed in this article has complete functions and better performance than the common open-source IPSec frameworks OpenSwan and strongSwan, and can meet the application requirements of IoT data encryption transmission.
Downloads
References
Xi, W., Suo, S., Cai, T., Jian, G., Yao, H., and Fan, L. (2019). A Design and Implementation Method of IPSec Security Chip for Power Distribution Network System Based on National Cryptographic Algorithms. 2019 IEEE 3rd Information Technology, Networking, Electronic and Automation Control Conference (ITNEC). IEEE.
Sun, M., Yang, S., Wang, D., Gu, J., and Cai, H. (2022). Design and implementation of control system for submersible agv. Academic Journal of Computing & Information Science.
Bhattacharya, P., and Rao, S. (2021). User and IoT (internet of things) apparatus tracking in a log management system. US10938926B2.
Bhavani, N. G., Kumar, R., Panigrahi, B. S., Balasubramanian, K., Arunsundar, B., and Abdul-Samad, Z., et al. (2022). Design and implementation of iot integrated monitoring and control system of renewable energy in smart grid for sustainable computing network. Sustainable computing: Informatics and systems.
Dzogovic, B., Mahmood, T., Santos, B., Feng, B., Do, V. T., and Jacot, N., et al. (2021). Advanced 5g network slicing isolation using enhanced vpn+ for healthcare verticals. Springer, Cham.
Gheisariy, M., Wang, G., Khanz, W. Z., and Christian Fernández-Campusano. (2019). A context-aware privacy-preserving method for iot-based smart city using software defined networking. Computers & Security, 87.
Raut, S. D., Awasarmol, V. V., Ghule, B. G., Shaikh, S. F., Gore, S. K., and Sharma, R. P., et al. (2018). Corrigendum: γ
-irradiation induced zinc ferrites and their enhanced room-temperature ammonia gas sensing properties (2018 mater. res. express 5 035702). Materials Research Express, 5(4), 049501 (1pp).
Qiji, Q. U., and Lin, Z. (2018). Design and implementation of embedded multi-gateway system based on 6lowpan. Journal of Computer Applications.
Swarup Kumar, J. N. V. R., and Suresh, D. (2021). Design and implementation of an adaptable trickle algorithm for amelioration of rpl usage in internet of things networks. Journal of Computational and Theoretical Nanoscience.
Park, S., Park, S., Park, L., Park, S., Lee, S., and Lee, T., et al. (2018). Design and implementation of a smart iot based building and town disaster management system in smart city infrastructure. Applied Sciences, 8(11).
Rahmani, A., Dibaj, M., Akrami, M., and Su, M. A. (2024). Enhancing Heat Storage Cooling Systems via the Implementation of Honeycomb-Inspired Design: Investigating Efficiency and Performance.
Zhao, F., Zhu, W., Jiang, J., and Shan, Z. (2021). Design and implementation of intelligent meter reading system in smart power grid. Journal of Physics: Conference Series.
Hussien, A. G., Sumit, K., Simrandeep, S., Jeng-Shyang, P., and Hashim, F. A. (2024). An enhanced dynamic differential annealed algorithm for global optimization and feature selection. Journal of Computational Design and Engineering (1), 1.
Dominguezdager, B., Gomezdonoso, F., Roigvila, R., and Cazorla, M. (2024). Holograms for seamless integration of remote students in the classroom.
Kwak, B. O., and Chung, T. S. (2018). Design and Implementation of Trust Domain Gateway System. 2018 International Conference on Information and Communication Technology Convergence (ICTC).
Tariq, H., Abdaoui, A., Touati, F., Al-Hitmi, M. A. E., and Mnaouer, A. B. (2020). Design and Implementation of Cadastral Geo-spatial IoT Network Gateway Analyzer for Urban Scale Infrastructure Health Monitoring. 2020 10th Annual Computing and Communication Workshop and Conference (CCWC).
Hadi, M. H., Issa, A. H., and Sabri, A. (2022). Modified salp swarm optimization algorithm (mssoa) based implementation of intelligent fault detection and isolation system for smart wireless sensor network.
Rao, R. Y., Koola, J. J., Mehta, N. D., and Haque, A. M. (2019). Design and Implementation of Adaptive Control Algorithm for IoT Based Domestic Irrigation System. 2019 10th International Conference on Computing, Communication and Networking Technologies (ICCCNT). IEEE.
Sun, C., Zheng, F., Zhou, G., and Guo, K. (2020). Design and Implementation of Cloud-based Single-channel LoRa IIoT Gateway Using Raspberry Pi. 2020 39th Chinese Control Conference (CCC).
Bhoir, R., Thakur, R., Tambe, P., Borase, R., and Pawar, S. (2020). Design and Implementation of Smart Compost System Using IOT. 2020 IEEE International Conference for Innovation in Technology (INOCON). IEEE.
Tongkaw, S., and Tongkaw, A. (2018). Multi-Vlan Design Over IPSec VPN for Campus Network. ICWise 2018 IEEE Conference on Wireless Sensors. IEEE.
Owada, Y., Sato, G., Temma, K., Kuri, T., and Nagano, T. (2019). An Implementation of Layer 2 Overlay Mesh Network and Edge Computing Platform for IoT. 2019 Twelfth International Conference on Mobile Computing and Ubiquitous Network (ICMU).
Subratie, K., Aditya, S., and Figueiredo, R. J. (2023). Edgevpn: self-organizing layer-2 virtual edge networks. Future generations computer systems: FGCS.
Stokes, J., and Barker, C. (2022). Think mass transit is ready for cybersecurity breaches? time to think again. Mass Transit (8), 47.
Mochalski, K. (2022). Visibility and cybersecurity in energy companies from control room to the substation. vgbe energy journal.
Barton, R. E., Henry, J., Yen, C. T., and Akhter, A. S. (2021). Automatic on-boarding agent for IOT edge routers in connected vehicles. US11064030B2.
Maharaja, R., Iyer, P., and Ye, Z. (2020). A hybrid fog-cloud approach for securing the internet of things. Cluster Computing, 23(4).
Shamsi, J. (2020). Security, privacy and trust in the iot environment. Computing reviews(12), 61.
Dong, S., Li, Z., Tang, D., Chen, J., Sun, M., and Zhang, K. (2019). Your smart home can’t keep a secret: towards automated fingerprinting of iot traffic with neural networks.
Sartori, D., Zou, D., Pei, L., and Yu, W. (2023). Near-optimal 3d trajectory design in presence of obstacles: a convolutional neural network approach. Robotics and Autonomous Systems, 167.
Published
How to Cite
Issue
Section
License
Copyright (c) 2024 Journal of Cyber Security and Mobility
This work is licensed under a Creative Commons Attribution-NonCommercial 4.0 International License.
