Stephen Kent (network security)

Born: January 25, 1951 (age 73)

Stephen Thomas Kent (born January 25, 1951) is an American computer scientist, noted for his contributions to network security.

Kent was born in New Orleans, Louisiana. In 1969 he graduated from Ridgewood Preparatory School in Metairie, Louisiana, and in 1973 from Loyola University New Orleans with a B.S. degree in mathematics.[citation needed] From 1973 to 1974 he attended Tulane University as a graduate student in mathematics, then moved to the Massachusetts Institute of Technology as a graduate student in computer science from 1974 to 1980. He received his master's degree from MIT in 1976, [1] and his PhD in 1980. [2]

While a graduate student, Kent spent two summers at BBN Technologies, which he joined full-time in 1980 after receiving his doctorate degree. He ultimately became BBN's Chief Scientist for Security Technologies. Kent is best known for his role in developing Internet standards. He served as a member of the Internet Architecture Board (1983-1994), and chaired the Privacy and Security Research Group of the Internet Research Task Force (1985-1998) and the Privacy Enhanced Mail (PEM) working group of the Internet Engineering Task Force (IETF) from 1990 to 1995, during which time he also co-chaired the Public Key Infrastructure Working Group. [3] In 1988, he was the primary author of the "core" IPsec standards, [4] [5] [6] which he continued improving in 2005. [7] [8] [9] [10] He was also active in efforts to secure the Border Gateway Protocol. He also chaired the Federal Advisory Committee to Develop a FIPS for Federal Key Management Infrastructure (1996-1998), and was active in a number of National Research Council studies.

Kent is an ACM Fellow and a member of the Internet Society. He was inducted into the Internet Hall of Fame in 2013, where he is recognized as "a pioneer in the architecture of network security systems, including the design and development of network layer encryption and access-control systems and standards; secure transport layer protocols; secure e-mail technology; Public Key Infrastructure standards and certification authority systems." [11]

Related Research Articles

The Dynamic Host Configuration Protocol (DHCP) is a network management protocol used on Internet Protocol (IP) networks for automatically assigning IP addresses and other communication parameters to devices connected to the network using a client–server architecture.

In computer network engineering, an Internet Standard is a normative specification of a technology or methodology applicable to the Internet. Internet Standards are created and published by the Internet Engineering Task Force (IETF). They allow interoperation of hardware and software from different sources which allows internets to function. As the Internet became global, Internet Standards became the lingua franca of worldwide communications.

An Internet Protocol address is a numerical label such as 192.0.2.1 that is assigned to a device connected to a computer network that uses the Internet Protocol for communication. IP addresses serve two main functions: network interface identification, and location addressing.

IPv4: Fourth version of the Internet Protocol

Internet Protocol version 4 (IPv4) is the first version of the Internet Protocol (IP) as a standalone specification. It is one of the core protocols of standards-based internetworking methods in the Internet and other packet-switched networks. IPv4 was the first version deployed for production on SATNET in 1982 and on the ARPANET in January 1983. It is still used to route most Internet traffic today, even with the ongoing deployment of Internet Protocol version 6 (IPv6), its successor.

IPv6: Version 6 of the Internet Protocol

Internet Protocol version 6 (IPv6) is the most recent version of the Internet Protocol (IP), the communications protocol that provides an identification and location system for computers on networks and routes traffic across the Internet. IPv6 was developed by the Internet Engineering Task Force (IETF) to deal with the long-anticipated problem of IPv4 address exhaustion, and was intended to replace IPv4. In December 1998, IPv6 became a Draft Standard for the IETF, which subsequently ratified it as an Internet Standard on 14 July 2017.

The Internet protocol suite, commonly known as TCP/IP, is a framework for organizing the set of communication protocols used in the Internet and similar computer networks according to functional criteria. The foundational protocols in the suite are the Transmission Control Protocol (TCP), the User Datagram Protocol (UDP), and the Internet Protocol (IP). Early versions of this networking model were known as the Department of Defense (DoD) model because the research and development were funded by the United States Department of Defense through DARPA.

A multicast address is a logical identifier for a group of hosts in a computer network that are available to process datagrams or frames intended to be multicast for a designated network service. Multicast addressing can be used in the link layer, such as Ethernet multicast, and at the internet layer for Internet Protocol Version 4 (IPv4) or Version 6 (IPv6) multicast.

In computing, Internet Protocol Security (IPsec) is a secure network protocol suite that authenticates and encrypts packets of data to provide secure encrypted communication between two computers over an Internet Protocol network. It is used in virtual private networks (VPNs).

Network Time Protocol: Standard protocol for synchronizing time across devices

The Network Time Protocol (NTP) is a networking protocol for clock synchronization between computer systems over packet-switched, variable-latency data networks. In operation since before 1985, NTP is one of the oldest Internet protocols in current use. NTP was designed by David L. Mills of the University of Delaware.

In computing, Internet Key Exchange is the protocol used to set up a security association (SA) in the IPsec protocol suite. IKE builds upon the Oakley protocol and ISAKMP. IKE uses X.509 certificates for authentication ‒ either pre-shared or distributed using DNS ‒ and a Diffie–Hellman key exchange to set up a shared session secret from which cryptographic keys are derived. In addition, a security policy for every peer which will connect must be manually maintained.

The Bootstrap Protocol (BOOTP) is a computer networking protocol used in Internet Protocol networks to automatically assign an IP address to network devices from a configuration server. The BOOTP was originally defined in RFC 951 published in 1985.

In Internet networking, a private network is a computer network that uses a private address space of IP addresses. These addresses are commonly used for local area networks (LANs) in residential, office, and enterprise environments. Both the IPv4 and the IPv6 specifications define private IP address ranges.

The Neighbor Discovery Protocol (NDP), or simply Neighbor Discovery (ND), is a protocol of the Internet protocol suite used with Internet Protocol Version 6 (IPv6). It operates at the internet layer of the Internet model, and is responsible for gathering various information required for network communication, including the configuration of local connections and the domain name servers and gateways.

Bob Braden: American computer scientist (1934–2018)

Robert T. Braden was an American computer scientist who played a role in the development of the Internet. His research interests included end-to-end network protocols, especially in the transport and network layers.

The internet layer is a group of internetworking methods, protocols, and specifications in the Internet protocol suite that are used to transport network packets from the originating host across network boundaries; if necessary, to the destination host specified by an IP address. The internet layer derives its name from its function facilitating internetworking, which is the concept of connecting multiple networks with each other through gateways.

A Request for Comments (RFC), in the context of Internet governance, is a type of publication from the Internet Engineering Task Force (IETF) and the Internet Society (ISOC), usually describing methods, behaviors, research, or innovations applicable to the working of the Internet and Internet-connected systems.

An IPv6 packet is the smallest message entity exchanged using Internet Protocol version 6 (IPv6). Packets consist of control information for addressing and routing and a payload of user data. The control information in IPv6 packets is subdivided into a mandatory fixed header and optional extension headers. The payload of an IPv6 packet is typically a datagram or segment of the higher-level transport layer protocol, but may be data for an internet layer or link layer instead.

In computer networking, the link layer is the lowest layer in the Internet protocol suite, the networking architecture of the Internet. The link layer is the group of methods and communications protocols confined to the link that a host is physically connected to. The link is the physical and logical network component used to interconnect hosts or nodes in the network and a link protocol is a suite of methods and standards that operate only between adjacent network nodes of a network segment.

Bump-in-the-wire (BITW) is a class of communications devices which can be inserted into existing (legacy) systems to enhance the integrity, confidentiality, or reliability of communications across an existing logical link without altering the communications endpoints. The term was originally used to indicate that the device should introduce only a relatively small increased latency in communications compared to the original, unsecured, approach.

References

  1. Encryption-based Protection Protocols for Interactive User-Computer Communication over Physically Unsecured Channels, by Stephen Thomas Kent, master's thesis, Massachusetts Institute of Technology, June 1976.
  2. Protecting Externally Supplied Software in Small Computers, PhD thesis, Massachusetts Institute of Technology, September 1980, Biography, pages 253-254.
  3. "Dr. Stephen T. Kent", IT History Society.
  4. S. Kent; R. Atkinson (November 1998). Security Architecture for the Internet Protocol. Network Working Group. doi:10.17487/RFC2401. RFC 2401. Obsolete. Obsoleted by RFC 4301. Obsoletes RFC 1825. Updated by RFC 3168.
  5. S. Kent; R. Atkinson (November 1998). IP Authentication Header. Network Working Group. doi:10.17487/RFC2402. RFC 2402. Obsolete. Obsoleted by RFC 4303 and 4205. Obsoletes RFC 1826.
  6. D. Harkins; R. Atkinson (November 1998). IP Encapsulating Security Payload (ESP). Network Working Group. doi:10.17487/RFC2406. RFC 2406. Obsolete. Obsoleted by RFC 4303, 4305. Obsoletes RFC 1827.
  7. S. Kent; K. Seo (December 2005). Security Architecture for the Internet Protocol. Network Working Group. doi:10.17487/RFC4301. RFC 4301. Proposed Standard. Obsoletes RFC 2401. Updated by RFC 6040 and 7619.
  8. S. Kent (December 2005). IP Authentication Header. Network Working Group. doi:10.17487/RFC4302. RFC 4302. Proposed Standard. Obsoletes RFC 2402.
  9. S. Kent (December 2005). IP Encapsulating Security Payload. Network Working Group. doi:10.17487/RFC4303. RFC 4303. Proposed Standard. Obsoletes RFC 2406.
  10. S. Kent (December 2005). Extended Sequence Number (ESN) Addendum to IPsec Domain of Interpretation (DOI) for Internet Security Association and Key Management Protocol (ISAKMP). Network Working Group. doi:10.17487/RFC4304. RFC 4304. Proposed Standard.
  11. "Stephen Kent", Internet Hall of Fame.