Mobile IPsec infrastructures based on SINA

Funding since October 2010 over 24 months by the BMBF.

Partners involved:

secunet Security Networks AG Department of Telematics/Computer Networks, TU Ilmenau.

Contact person:

Dipl.-Inf. Michael Roßberg(technical) Prof. Dr.-Ing. Günter Schäfer (administrative).

Short description:

Today, secure networking between company or authority locations is usually solved with the help of virtual private networks (VPN) due to cost and security reasons. In these, the transport of confidential data is encrypted and protected by so-called cryptographic tunnels over untrusted networks. The state of the art is primarily virtual private networks based on the Internet standard IPsec, in which devices located within delimited subnets can communicate securely with each other. The greatest obstacle to practical use to date has been the sometimes complex manual configuration of IPsec VPN, since the standard is characterized by a low degree of automation. This hinders e.g. the use in scenarios with mobile participants and the fast reaction to availability attacks. The objective of the joint project Mobil-SOLID-SINA is the research and further development of promising preliminary concepts and prototypes in order to address the above-mentioned essential problem of today's VPN infrastructures: The limited integration of mobile VPN subscribers in insecure environments. In this way, it should be possible, for example in disaster scenarios or for large events, to quickly provide a secure communication environment for mobile emergency vehicles without complex configuration. Another advantage of mobility management in VPN systems is expected in the reaction to availability attacks. The support of high node dynamics allows a fast and secure setup of alternative VPN topologies if individual VPN devices or transport network connections can no longer be used due to attacks. Thus, the project can contribute to guaranteeing the availability of VPNs of authorities and companies even in case of an increase of sabotage attacks.