Title :
Dynamic VPN communities: implementation and experience
Author :
Kindred, Darrell ; Sterne, Daniel
Abstract :
Dynamic communities of independent organizations require fluid collaborative sharing of information resources within member networks. This presents challenging network security problems. The security postures of member networks must rapidly evolve in response to the addition or removal of community members, in order to grant privileged access to members while protecting critical resources and communications from nonmembers. The member networks belong to different administrative domains, and must preserve their autonomy despite the necessary relaxing of access restrictions. This paper describes the design and implementation of a system supporting Dynamic Virtual Private Network (DVPN) communities of independently administered, firewall-protected enclaves. A central authority defines the community, and member enclaves adapt automatically and rapidly as enclaves are admitted or expelled, avoiding the high administrative cost and risk of misconfiguration associated with common VPN mechanisms
Keywords :
authorisation; computer networks; telecommunication security; Dynamic Virtual Private Network; access restrictions; firewall; information resource sharing; network security; Assembly; Collaboration; Costs; Floods; Fluid dynamics; Information resources; Information security; Organizing; Protection; Virtual private networks;
Conference_Titel :
DARPA Information Survivability Conference & Exposition II, 2001. DISCEX '01. Proceedings
Conference_Location :
Anaheim, CA
Print_ISBN :
0-7695-1212-7
DOI :
10.1109/DISCEX.2001.932220
