IPsec, VPNs and the Dynamic VNP Controller (DVC)

PDF

Authors
  1. Froh, M.
Corporate Authors
Defence R&D Canada - Ottawa, Ottawa ONT (CAN);Cinnabar Networks, Ottawa Ont (CAN)
Abstract
IP Security (IPsec) protocols and Virtual Private Network (VPN) products that implement these protocols can provide authenticated secure communication channels. Defence Research and Development Canada Ottawa has been studying the use of VPN technology to support secure communications for dynamic coalitions and has developed a prototype Dynamic VPN Controller (DVC) to demonstrate how this technology could be applied to dynamic coalitions. This report proposes dynamic coalition usage scenarios and derives previously unarticulated VPN requirements, or capabilities. A brief survey of IPsec standards development, open-source IPsec implementations, commercial IPsec implementations, and military IPsec implementations is provided. The IPsec standards and implementations are examined for their support of capabilities required by dynamic coalition VPNs. The DVC prototypte is then evaluated against the dynamic coalition VPN capabilities. The report concludes with suggestions for additional research to further develop. DVC policy negotiation; DVC trust; identify; and namespace management; DVC prototype hardening; DVC coalition scenario development; and alternate DVC technical architectures.
Keywords
Internet Protocol Security;IPsec;Virtual Private Network;VPN;Security policy negotiation;Information technology;Military coalition;Communications security;COMSEC;open-source;GNU Public License;GPL;Internet Engineering Task Force;IETF;Request for Comment;RFC;IT Management;Electronic key management;EKMS;Internet Protocol Version 6;IPv6;Public Key Infrastructure;PKI;Certificate Authority
Report Number
DRDC-OTTAWA-CR-2004-060;CNI-DRD004-001 — Contractor Report
Date of publication
01 Mar 2004
Number of Pages
45
DSTKIM No
CA024771
CANDIS No
522384
Format(s):
Hardcopy;CD ROM

Permanent link

Document 1 of 1

Date modified: