
4.2 State Transition

The operation of Secure TCP can be explained with a ``state transition machine'', which is shown in Figure 4. In the ``ESTABLISHED'' state, peer entities should handle Secure TCP segments. The exception is the ``RECV ESTABLISHED'' state, in which the entity treats a received TCP segment as a Secure TCP segment but sends its own segments as classical TCP.

Entity A in Figure 2 makes the following state transitions. A begins in the ``CLOSED'' state. First, A actively sends a SYN+NEGOs segment to B and moves to the ``SYN SENT'' state. Next, A receives a SYN+ACK+NEGOr+KEYs segment, sends an ACK, and moves to the ``RECV ESTABLISHED'' state. In this state, A can receive only Secure TCP segments. Finally, A receives an ACK segment, moves to the ``ESTABLISHED'' state, and then begins data transfer using Secure TCP segments.
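The walk-through above for entity A, as an added example that is not part of the original document: a small model of the active opener that tracks, per state, whether segments are received and sent as Secure TCP, and rejects a classical segment arriving in ``RECV ESTABLISHED''. The class and function names, the `secure` flag, and the classical handling assumed for ``CLOSED'' and ``SYN SENT'' are assumptions made for illustration.

```python
from dataclasses import dataclass, field

# States named in the text for the active opener (entity A).
CLOSED, SYN_SENT, RECV_EST, ESTABLISHED = (
    "CLOSED", "SYN SENT", "RECV ESTABLISHED", "ESTABLISHED")

# Per state: (receive as Secure TCP, send as Secure TCP).
# The CLOSED and SYN SENT rows are an assumption (no key exists yet);
# the other two rows follow the text.
MODES = {
    CLOSED: (False, False),
    SYN_SENT: (False, False),
    RECV_EST: (True, False),      # the asymmetric state described in the text
    ESTABLISHED: (True, True),
}

class ProtocolError(Exception):
    """Segment or action not acceptable in the current state."""

@dataclass
class ActiveOpener:
    state: str = CLOSED
    sent: list = field(default_factory=list)  # (flags, sent as Secure TCP?)

    def _send(self, flags):
        self.sent.append((flags, MODES[self.state][1]))

    def active_open(self):
        if self.state != CLOSED:
            raise ProtocolError(f"active open in {self.state}")
        self._send("SYN+NEGOs")
        self.state = SYN_SENT

    def receive(self, flags, secure):
        """Process one incoming segment; `secure` marks a Secure TCP segment."""
        rx_secure = MODES[self.state][0]
        if secure != rx_secure:
            # e.g. a classical segment in RECV ESTABLISHED is refused
            raise ProtocolError(f"{self.state}: expected secure={rx_secure}")
        if self.state == SYN_SENT and flags == "SYN+ACK+NEGOr+KEYs":
            self.state = RECV_EST
            self._send("ACK")     # still sent as classical TCP in this state
        elif self.state == RECV_EST and flags == "ACK":
            self.state = ESTABLISHED
        elif self.state != ESTABLISHED:   # ESTABLISHED: data, not modelled
            raise ProtocolError(f"{flags} unexpected in {self.state}")
```
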

 
Figure 4:   State Transition Machine



Toshiyuki Tutumi
Sat Apr 29 04:12:04 GMT+0900 1995