The Navy needs to use Multi Level Security (MLS) techniques in an environment with increasing amount of real time computation brough about by increased automation requirements and new more complex operations. NSWC-DD has initiated testing of a security protocol based on the commercial standard, IPSEC, which is becoming available in Commercial Off The Shelf (COTS) computing products. IPSEC is viewed as a critical component towards providing MLS capabilities. Current implementations of IPSEC are implemented in software as part of the kernel system software. The system engineer must carefully develop security policies versus applying this technology in a brute force way. This paper describes the security issues, the IPSEC standard, testing performed at NSWC-DD and provides an approach to using this technology in the current resource constrained environment using today’s COTS products.
[1]
David L. Mills,et al.
Network Time Protocol (Version 3) Specification, Implementation and Analysis
,
1992,
RFC.
[2]
W. Douglas Maughan,et al.
Internet Security Association and Key Management Protocol (ISAKMP)
,
1998,
RFC.
[3]
Stephen T. Kent,et al.
Security Architecture for the Internet Protocol
,
1998,
RFC.
[4]
Stephen T. Kent,et al.
IP Authentication Header
,
1995,
RFC.
[5]
Randall J. Atkinson,et al.
Security Architecture for the Internet Protocol
,
1995,
RFC.
[6]
John Gilmore,et al.
Cracking DES - secrets of encryption research, wiretap politics and chip design: how federal agencies subvert privacy
,
1998
.