78 Security Enhanced Applications for Information Systems

**4.3 Summary**

In this subsection, we have presented a uniform high-speed traffic collection platform for intrusion detection/prevention based on sampling on FPGAs, called HSTCP, that has the ability to cope with very high-speed network traffic (even Tbps). By capturing mice flows completely and sampling elephant flows adaptively, HSTCP effectively reduces the volume of network traffic handed to intrusion detection/prevention without losing its intrinsic characteristics. In addition, HSTCP provides a flexible and scalable platform for network IDSs/IPSs facing the challenge of future high-speed networks.

**5. The research of trusted communication protocol for intrusion prevention system**

**5.1 IPS trusted communication mechanism**

The trusted communication mechanism proposed in this chapter is applied to the coordination between the firewall and the IDS in a distributed intrusion prevention system. It is mainly based on middleware technology and standard security protocol techniques; the middleware technology is CORBA. When CORBA is layered over the network layer, it encapsulates the underlying units, so that the details beneath it are transparent to the application above. In this paper, TLS is applied to the trusted data transmission between the firewall and the IDS.

**5.2 The design of IPS trusted communication protocol**

The design of the mechanism of trusted data communication is illustrated by figure 17:

Fig. 17. The mechanism of trusted communication for IPS

#### **Application Layer**

The application layer mainly refers to the Client and the Server; in this paper these are the firewall and the IDS. During transmission, either the firewall or the IDS can act as client or server. Both the firewall and the IDS sit at the network layer. The firewall provides the data source and is the place where the final result is acted upon, while the IDS is responsible for receiving data requests from the firewall, analyzing them, and then returning the processed results to the firewall.

#### **XML parsing layer**

This layer primarily encapsulates the communicated data on the sending side and parses it on the receiving side.
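The chapter gives no concrete schema for the firewall/IDS messages, so the following is an added example (not code from the chapter) of what the XML parsing layer has to do for the request/response exchange described under the application layer: the firewall encapsulates a data request, the IDS parses and validates it, and the IDS's verdict travels back the same way. The element names (`ids-request`, `ids-response`, `verdict`, ...), the protocol set, the size limit and the hex encoding of the raw payload are all assumptions made for this example. The receiving side rejects any DTD before parsing, because the expat backend behind `ElementTree` expands internal entities, and an untrusted peer could otherwise send an entity-expansion message that exhausts memory.

```python
import ipaddress
import xml.etree.ElementTree as ET

# Upper bound on one encapsulated message; a hypothetical limit chosen for this example.
MAX_MESSAGE_BYTES = 64 * 1024
# Verdicts the firewall is prepared to act on; assumed for this example.
VERDICTS = {"allow", "block"}


def build_request(src_ip, dst_ip, dst_port, protocol, payload):
    """Firewall side: encapsulate one data request for the IDS as XML.

    The raw packet payload is hex-encoded so arbitrary bytes cannot break
    the XML structure or smuggle markup into the message.
    """
    root = ET.Element("ids-request")
    ET.SubElement(root, "src").text = str(ipaddress.ip_address(src_ip))
    ET.SubElement(root, "dst").text = str(ipaddress.ip_address(dst_ip))
    ET.SubElement(root, "dst-port").text = str(int(dst_port))
    ET.SubElement(root, "protocol").text = protocol
    ET.SubElement(root, "payload").text = payload.hex()
    return ET.tostring(root, encoding="unicode")


def _check_envelope(xml_text):
    """Reject oversized messages and any DTD before the parser sees them."""
    if len(xml_text.encode("utf-8")) > MAX_MESSAGE_BYTES:
        raise ValueError("message exceeds size limit")
    # The protocol never needs a DTD, so any declaration is an invalid message.
    if "<!DOCTYPE" in xml_text or "<!ENTITY" in xml_text:
        raise ValueError("DTD/entity declarations are not allowed")


def parse_request(xml_text):
    """IDS side: parse and validate a request; returns a plain dict."""
    _check_envelope(xml_text)
    root = ET.fromstring(xml_text)
    if root.tag != "ids-request":
        raise ValueError("unexpected root element %r" % root.tag)
    fields = {child.tag: (child.text or "") for child in root}
    missing = {"src", "dst", "dst-port", "protocol", "payload"} - fields.keys()
    if missing:
        raise ValueError("missing fields: %s" % sorted(missing))
    port = int(fields["dst-port"])
    if not 0 <= port <= 65535:
        raise ValueError("port out of range")
    if fields["protocol"] not in {"tcp", "udp", "icmp"}:
        raise ValueError("unknown protocol %r" % fields["protocol"])
    return {
        "src": str(ipaddress.ip_address(fields["src"])),
        "dst": str(ipaddress.ip_address(fields["dst"])),
        "dst_port": port,
        "protocol": fields["protocol"],
        "payload": bytes.fromhex(fields["payload"]),
    }


def build_response(verdict, reason):
    """IDS side: encapsulate the analysis result for the firewall."""
    if verdict not in VERDICTS:
        raise ValueError("unknown verdict %r" % verdict)
    root = ET.Element("ids-response")
    ET.SubElement(root, "verdict").text = verdict
    ET.SubElement(root, "reason").text = reason
    return ET.tostring(root, encoding="unicode")


def parse_response(xml_text):
    """Firewall side: parse the result; only a known verdict is accepted."""
    _check_envelope(xml_text)
    root = ET.fromstring(xml_text)
    if root.tag != "ids-response":
        raise ValueError("unexpected root element %r" % root.tag)
    verdict = (root.findtext("verdict") or "").strip()
    if verdict not in VERDICTS:
        raise ValueError("invalid verdict %r" % verdict)
    return {"verdict": verdict, "reason": root.findtext("reason") or ""}


if __name__ == "__main__":
    # Constructed sample exchange: the firewall asks, the IDS answers.
    req = build_request("10.0.0.5", "192.0.2.10", 80, "tcp", b"GET /index.html HTTP/1.1")
    print(parse_request(req))
    print(parse_response(build_response("allow", "no signature matched")))
```

Both parse functions treat every field as untrusted even though the peer is authenticated at the transport layer: a compromised firewall or IDS should not be able to push a malformed message through the other side's parser, and the verdict is matched against a closed set so the firewall never acts on a value it does not understand.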

#### **Message transaction layer**

In this paper, a security protocol called TLS (Transport Layer Security) is applied to provide security and reliability for the data the two sides exchange. It also protects the privacy of the applications and users in network communication. When the server and client communicate, TLS ensures that important messages are not sniffed or stolen by a third party. It is the successor protocol to SSL.
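Since either the firewall or the IDS may be the client or the server, the message transaction layer needs the same TLS policy on both ends. The following added example (not code from the chapter) builds that policy with Python's standard `ssl` module: both peers present a certificate and verify the other's against a private CA, versions below TLS 1.2 are refused, and the client checks the server name. On top of the TLS socket it adds a simple length-prefixed frame so that message boundaries are explicit and the receiver bounds memory before reading a body. The certificate and CA file paths, the framing format and the size limit are assumptions for this example; the loopback helper exercises only the framing over a plain in-process socket pair, with the TLS wrapping left to `ctx.wrap_socket()` in deployment.

```python
import socket
import ssl
import struct

# Upper bound on one framed message; a hypothetical limit chosen for this example.
MAX_FRAME_BYTES = 1 << 20


def make_context(role, cert_file=None, key_file=None, ca_file=None):
    """Build the TLS context for one end of the firewall/IDS link.

    The same function serves both roles because either side may be client
    or server.  Both peers authenticate each other (mutual TLS) and anything
    older than TLS 1.2 is refused.  The file paths are hypothetical and are
    only loaded when given, so the policy can be inspected without them.
    """
    if role == "server":
        ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
    elif role == "client":
        ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    else:
        raise ValueError("role must be 'client' or 'server'")
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    # The client verifies the server's name; the server requires a valid client certificate.
    ctx.check_hostname = role == "client"
    ctx.verify_mode = ssl.CERT_REQUIRED
    if cert_file:
        ctx.load_cert_chain(cert_file, key_file)
    if ca_file:
        # Trust only the private CA that issued the firewall and IDS certificates.
        ctx.load_verify_locations(cafile=ca_file)
    return ctx


def describe_context(ctx):
    """Summarize the settings an operator would audit on a deployed context."""
    return {
        "minimum_version": ctx.minimum_version.name,
        "verify_mode": ctx.verify_mode.name,
        "check_hostname": ctx.check_hostname,
    }


def send_message(sock, payload):
    """Write one framed message: 4-byte big-endian length, then the body."""
    if len(payload) > MAX_FRAME_BYTES:
        raise ValueError("message too large")
    sock.sendall(struct.pack("!I", len(payload)) + payload)


def _recv_exact(sock, n):
    """Read exactly n bytes or fail; recv() may return short reads."""
    buf = bytearray()
    while len(buf) < n:
        chunk = sock.recv(n - len(buf))
        if not chunk:
            raise ConnectionError("peer closed the connection mid-message")
        buf.extend(chunk)
    return bytes(buf)


def recv_message(sock):
    """Read one framed message; the announced length is checked before any body is buffered."""
    (length,) = struct.unpack("!I", _recv_exact(sock, 4))
    if length > MAX_FRAME_BYTES:
        raise ValueError("announced length %d exceeds limit" % length)
    return _recv_exact(sock, length)


def loopback_roundtrip(payload):
    """Send one message across an in-process socket pair and return what arrives.

    In deployment the two sockets would be the ones returned by
    ctx.wrap_socket(), so the frame travels inside the TLS record layer.
    """
    a, b = socket.socketpair()
    try:
        send_message(a, payload)
        return recv_message(b)
    finally:
        a.close()
        b.close()


if __name__ == "__main__":
    print(describe_context(make_context("server")))
    print(describe_context(make_context("client")))
    print(loopback_roundtrip(b"<ids-request/>"))
```

Requiring a client certificate on the server side is what turns "the third party cannot sniff" into "only the enrolled firewall and IDS can talk at all"; with `CERT_REQUIRED` on both contexts, an unauthenticated host that reaches the listening port fails the handshake before any XML is exchanged.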

#### **CORBA security service**

CORBA security service (CORBASec) is an important common object service in CORBA. It establishes a secure environment between client objects and service objects, and thereby provides a better security service [10].
