Abstract
ISPs now offer Internet access via cable modem or DSL, which provide much higher bandwidth than the PSTN does. Higher access bandwidths allow ISP customers to exploit NAT (network address and port translation) to amortize the cost of an ISP account among multiple computers. The reduced per-computer cost may encourage airport lounges, hotels, and other businesses that serve “road warriors” to provide Internet connectivity to their clients. Unfortunately, NAT may not interoperate with IPSec, which provides application-independent security in VPNs (virtual private networks). A VPN is necessary, e.g., to connect a “road warrior” securely to a corporate Intranet via the untrusted Internet. We propose a simple DHCP extension that allows client IPSec implementations to interoperate with NAT. The resulting architecture, EASE, makes “road warrior” access easy, secure, and economical.
© 2000 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Brustoloni, J.C., Garay, J.A. (2000). Application-Independent End-to-End Security in Shared-Link Access Networks. In: Pujolle, G., Perros, H., Fdida, S., Körner, U., Stavrakakis, I. (eds) Networking 2000 Broadband Communications, High Performance Networking, and Performance of Communication Networks. NETWORKING 2000. Lecture Notes in Computer Science, vol 1815. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-45551-5_51
DOI: https://doi.org/10.1007/3-540-45551-5_51
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-67506-8
Online ISBN: 978-3-540-45551-6
eBook Packages: Springer Book Archive