@techreport{amjads-ipsecme-ikev2-data-channel-01,
    number =    {draft-amjads-ipsecme-ikev2-data-channel-01},
    type =      {Internet-Draft},
    institution =   {Internet Engineering Task Force},
    publisher = {Internet Engineering Task Force},
    note =      {Work in Progress},
    url =       {https://datatracker.ietf.org/doc/draft-amjads-ipsecme-ikev2-data-channel/01/},
    author =    {Amjad S. Inamdar and Rajeshwar Jenwar},
    title =     {{IKEv2 based lightweight secure data communication draft-amjads-ipsecme-ikev2-data-channel-01 (D-IKE)}},
    pagetotal = 15,
    year =      2014,
    month =     mar,
    day =       12,
    abstract =  {The Internet Key Exchange (IKEv2) protocol provides authentication, confidentiality, integrity, data-origin authentication and anti- replay. Currently, IKEv2 is mainly used as a control channel to negotiate IPsec SA(s). IPsec is not well suited to provide transport layer security for applications as it resides at the network layer and most of the IPsec implementations require integration into operating systems making it difficult to deploy. IPsec uses different sessions for control and data traffic which is not NAT and load balancer friendly. TLS/DTLS, the other popular security mechanism to provide the above security services does not mandate mutual peer authentication and Diffie Hellman exchange. This document describes an IKEv2 based lightweight secure data communication protocol and a way to provide transport layer security for UDP client/server applications. The protocol provides integrity protected encryption and integrity-only protection based on application needs. As most of the IoT applications are UDP based, IKEv2 can be used for key management as well secure data communication in IoT due to its simplicity, scalability, lightweightedness and ease of deployment.},
}