Title :
IPSec-based secure wireless virtual private network
Author :
Qu, Wei ; Srinivas, Sampalli
Author_Institution :
Fac. of Comput. Sci., Dalhousie Univ., Halifax, NS, Canada
Abstract :
There is currently enormous interest in the design of secure wireless networks. This has been necessitated by the fact that free-space radio transmission in wireless networks makes eavesdropping easy and consequently, a security breach may result in unauthorized access, information theft, interference, jamming and service degradation. Virtual private networks (VPN) have emerged as an important solution to security threats surrounding the use of public networks for private communications. VPN provide security by integrating a set of authentication, encryption, access control and session management components. While VPN for wireline networks have matured in both research and commercial environments, the design and deployment of wireless VPN is still an evolving field. This paper presents the results of an ongoing sub-project within the Secure Active VPN Environment (SAVE) project at Dalhousie University. The primary objective of this paper is to present the design and implementation of a secure wireless LAN based on the IPSec VPN tunnelling protocol and investigate its performance. An IPSec-compliant VPN is constructed and the traffic between the wireless node and the gateway is protected by the IPSec tunnel. PGP certification is used to provide secure public key management. UDP and TCP performance analysis are done to determine the effects of IPSec service on the wireless VPN. A further TCP trace analysis is done to determine the pipe capacity usage on the wireless VPN.
Keywords :
authorisation; certification; internetworking; message authentication; mobile radio; performance evaluation; public key cryptography; telecommunication network management; telecommunication security; telecommunication traffic; transport protocols; virtual private networks; wireless LAN; Dalhousie University; IPSec VPN tunnelling protocol; PGP certification; SAVE project; Secure Active VPN Environment; TCP; UDP; access control; authentication; eavesdropping; encryption; gateway; performance; pipe capacity usage; public networks; secure public key management; secure wireless networks; session management; traffic; virtual private networks; wireless LAN; wireless VPN; Access control; Authentication; Communication system security; Cryptography; Degradation; Information security; Interference; Jamming; Virtual private networks; Wireless networks;
Conference_Titel :
MILCOM 2002. Proceedings
Print_ISBN :
0-7803-7625-0
DOI :
10.1109/MILCOM.2002.1179632