Security Policy Database (SPDB): It defines security services that can be used for IP packets and how to obtain these services. The SPDB determines the SA scope and relevant attributes and is the basis of SA establishment.

Security Association Database (SADB): It saves the storage structure of data in all states associated with the SAs. Because a network entity can create multiple pairs of SAs, a database is required to store and manage the SAs.

Security Parameter Index (SPI): It is a 32-bit number carried in an AH or ESP header. The receiver determines the SA in the SADB used to protect the received data flow based on the SPI.