Idea of Security Association
A Security Association is a contract between two parties; it creates a secure channel
between them. Let us assume that Alice needs to communicate with Bob in one direction
only. If Alice and Bob are interested only in the confidentiality aspect of security, they
can create a shared secret key between themselves. We can say that there are two Security
Associations (SAs) between Alice and Bob: one outbound SA and one inbound SA.
Each of them stores the value of the key in a variable and the name of the
encryption/decryption algorithm in another. Alice uses the algorithm and the key to encrypt a message
to Bob; Bob uses the algorithm and the key when he needs to decrypt the message
received from Alice. Figure 30.8 shows a simple SA.
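
The simple SA described above can be sketched in code. This is an added example, not taken from the original text: the names SimpleSA, toy_ctr and ALGORITHMS are hypothetical, and the cipher is a constructed stand-in (an HMAC-SHA256 keystream) used only so the sketch runs with the standard library.

```python
import hashlib
import hmac
import os
from dataclasses import dataclass

def toy_ctr(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """Constructed stand-in cipher: XOR data with an HMAC-SHA256 counter keystream.
    Encryption and decryption are the same operation. Not for real traffic."""
    stream = b""
    counter = 0
    while len(stream) < len(data):
        stream += hmac.new(key, nonce + counter.to_bytes(4, "big"), hashlib.sha256).digest()
        counter += 1
    return bytes(d ^ s for d, s in zip(data, stream))

# Algorithm name -> implementation; an SA stores only the name.
ALGORITHMS = {"toy-ctr": toy_ctr}

@dataclass(frozen=True)
class SimpleSA:
    direction: str   # "outbound" (sender side) or "inbound" (receiver side)
    algorithm: str   # name of the encryption/decryption algorithm
    key: bytes       # shared secret key

    def encrypt(self, plaintext: bytes) -> bytes:
        if self.direction != "outbound":
            raise ValueError("only an outbound SA encrypts")
        nonce = os.urandom(16)  # fresh per message so the keystream never repeats
        return nonce + ALGORITHMS[self.algorithm](self.key, nonce, plaintext)

    def decrypt(self, packet: bytes) -> bytes:
        if self.direction != "inbound":
            raise ValueError("only an inbound SA decrypts")
        nonce, body = packet[:16], packet[16:]
        return ALGORITHMS[self.algorithm](self.key, nonce, body)

def demo():
    key = os.urandom(32)                               # constructed sample key
    alice_out = SimpleSA("outbound", "toy-ctr", key)   # Alice's side of the contract
    bob_in = SimpleSA("inbound", "toy-ctr", key)       # Bob's side, same algorithm and key
    packet = alice_out.encrypt(b"meet at noon")
    recovered = bob_in.decrypt(packet)
    # A receiver whose SA holds a different key gets garbage, silently:
    # a confidentiality-only SA has nothing with which to detect the mismatch.
    stale = SimpleSA("inbound", "toy-ctr", os.urandom(32)).decrypt(packet)
    return packet, recovered, stale
```

Because this SA covers confidentiality only, the receiver with the wrong key gets unreadable bytes rather than an error.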