×

Warning message

  • Cisco Support Forums is in Read Only mode while the site is being migrated.
  • Cisco Support Forums is in Read Only mode while the site is being migrated.

SA

Document

Thu, 09/17/2009 - 03:05
Jun 9th, 2009
User Badges:

Description:

1. Service Affecting (SA)

2. Security Association (SA)


Complete Definition:

1. Service Affecting. Category of conditions that interrupt payload traffic. See also NSA (non-service affecting).


2. Security Association. A security association (SA) is the establishment of shared security information between two network entities to support secure communication. An SA may include cryptographic keys, initialization vectors or Digital Certificates.


An SA is a simplex (one-way channel) and logical connection which endorses and provides a secure data connection between the network devices. The fundamental requirement of an SA arrives when the two entities communicate over more than one channel. Take an example of mobile subscriber and a base station. The subscriber may subscribe itself for more than one service. Therefore each service may have different service primitives like a data encryption algorithm, public key (see Public Key Infrastructure PKI) or initialization vector. Now to make things easier, all this security information is grouped logically. This logical group itself is a Security Association. Each SA has its own identifier number ID called SAID (pronounced SA ID). So now the base station and mobile subscriber will share the SAID and they will derive all the security parameters, making things a lot easier.

In a nutshell, an SA is a logical group of security parameters, that ease the sharing of information to another entity.

Two basic types of SAs are:

  • Tunnel mode
  • Transport mode


Also See:

Loading.

Actions

This Document

Related Content