While IP Virtual Private Network (VPN), especially its branch IPsec (IP Security), turns out to be a practical solution for secure data exchange through the Internet, it is suffering from the tedious deployment procedure due to the shortage of centralized network management capabilities, and this can easily causes safety outages. This paper proposes to use mobile agents to automate this deployment procedure so as to reach the final goal of real-time data securing across the Internet. The intelligence of mobile agents comes from rules guiding the management of IPsec as proposed by IETF Policy-based Network Management method. An object-oriented policy information model for IPsec is presented. A case study of inter-domain IPsec provisioning, a typical mechanism coping with data security across multiple domains, demonstrates the design and implementation of this data securing mechanism.
展开▼