In cloud-based environments, resources are frequently shared between multiple clients, creating a multi-tenant environment. As each client has the capacity to create and establish one or more security policies for negotiating access into cloud-based environments, it is important to ensure that individual policies are respected, and in particular, that conflicts between policies do not occur.
During establishment of an IPsec session, an initiator and a responder exchange a series of messages in order to negotiate selection of various security parameters and perform authentication. In protocols such as Internet Key Exchange (IKE) or Internet Key Exchange version 2 (IKEv2), security parameters are selected during first exchange of messages. However, the identity of the initiator is not known by the responder during this first exchange, and therefore, the proper security policy may not be selected by the responder.