home · mobile · calendar · colloquia · 2002-2003 · 

Colloquium - Trostle

Techniques for Improving the Security and Manageability of IPsec Policy
Jonathan Trostle
Cisco Systems

This talk focuses on the Internet Protocol Security (IPsec) policy mapping problem: given an outbound packet originated on the local host, how does the network layer decide if IPsec should be applied to the packet. More generally, how does one ensure correct mappings between application level identifiers and network layer identifiers. Although DNSSEC is one tool that can be applied here, it is neither necessary or sufficient. We describe some results for new techniques that that can be used for some legacy applications to partially or completely solve the IPsec policy mapping problem. We show how the set of current IPsec policy parameters can be usefully expanded. Finally, we summarize the environments today where IPsec is being used and discuss which IPsec policy mapping techniques are most appropriate for these environments.

Hosted by John Black.
Refreshments will be served immediately following the talk in ECOT 831.

Department of Computer Science
University of Colorado Boulder
Boulder, CO 80309-0430 USA
May 5, 2012 (14:13)