scope:

Specifies a protocol to be used by End Systems and Intermediate Systems in order to provide security services in the Network layer, which is defined bu CCITT Rec. X. 213/ISO/IEC 8348, and ISO 8648. The protocol defined in this standard is called the Network Layer Security Protocol (NLSP). This standard specifies 1) Support for the following security services defined in ISO 7498-2: a) peer entity authentication; b) data origin authentication; c) access control; d) connection confidentiality; e) connectionless confidentiality; f) traffic flow confidentiality; g) connection integrity without recovery (including Data Unit Integrity, in which individual SDUs on a connection are integrety protected); h) connectionless integrity 2) The functional requirements for implementations that claim conformance to this standard. The procedures of this protocol are defined in terms of: a) requirements on the cryptographic techniques that can be used in an instance of this protocol; b) requirements on the information carried in the security association used in an instance of communication.