1. Field of the Invention
An apparatus and method consistent with the invention relates to packet security, and more particularly, to a packet security method and apparatus that can adjust a security level according to a packet feature.
2. Description of the Related Art
A major issue that has arisen from the use of an open network such as the Internet is a security problem in which a hacker intrudes into a system from outside the system, or illegally accesses the system by pretending to be a third party.
Internet Protocol Security (IPSec) and Secure Socket Layer (SSL) are used representatively to solve this Internet security problem.
IPSec encrypts data to enable both devices to communicate with each other safely, due to the expansion of the Internet standard for authentication and encryption at an IP layer. Both devices communicating via IPSec first share security information by performing a security association which associates a key with authentication and encryption algorithms through Internet key exchange (IKE), and then apply a security function to data that is transmitted according to the information to transmit the data with the security function.
SSL encrypts data to secure safe communications between both devices at a presentation layer, determines a key and an algorithm to be used between both devices through a handshake protocol, and then uses values of the key and the algorithm in the communications between both devices.
According to the conventional security technology, only a key and an algorithm are applied to a device, irrespective of features of the transmitted packet, and only a security function that is determined in the process of security association is applied to the device.
Since only a predetermined key, algorithm, and security function are applied to a device, without considering the type and features of a transmitted packet, as described above, an excessive security function may be applied to the device when in actuality only a lower level of security is required, which causes resources to be used inefficiently. By contrast, insufficient security may be applied to the device even though a high level of security is actually required.