Title :
Tunnel gateway satisfying mobility and security requirements of mobile and IP-based networks
Author :
Jung, Younchan ; Peradilla, Marnel
Author_Institution :
Sch. of Inf., Commun. & Electron. Eng., Catholic Univ. of Korea, Puchon, South Korea
Abstract :
Full-mesh IPSec tunnels pass through a black ("unsecure") network (B-NET) to any red ("secure") networks (R-NETs). These are needed in military environments, because they enable dynamically changing R-NETs to be reached from a B-NET. A dynamically reconfiguring security policy database (SPD) is very difficult to manage, since the R-NETs are mobile. This paper proposes advertisement process technologies in association with the tunnel gateway's protocol that sends 'hello' and 'prefix advertisement (ADV)' packets periodically to a multicast IP address to solve mobility and security issues. We focus on the tunnel gateway's security policy (SP) adaptation protocol that enables R-NETs to adapt to mobile environments and allows them to renew services rapidly soon after their redeployment. The prefix ADV process enables tunnel gateways to gather information associated with the dynamic changes of prefixes and the tunnel gateway's status (that is, 'down'/restart). Finally, we observe two different types of performance results. First, we explore the effects of different levels of R-NET movements on SP adaptation latency. Next, we derive the other SP adaptation latency. This can suffer from dynamic deployments of tunnel gateways, during which the protocol data traffic associated with the prefix ADV protocol data unit is expected to be severe, especially when a certain tunnel gateway restarts.
Keywords :
IP networks; computer network security; internetworking; mobility management (mobile radio); protocols; tunnels; IP-based networks; advertisement process technology; black unsecure network; dynamically reconfiguring security policy database; full-mesh IPSec tunnels; hello and prefix advertisement packets; military environments; mobile network; multicast IP address; prefix ADV protocol data unit; protocol data traffic; red secure networks; tunnel gateway security policy adaptation protocol; IP networks; Logic gates; Mobile communication; Routing; Routing protocols; Security; Adaption latency; IPSec tunnels; mobile internet protocol (IP); prefix advertisement; security policy; tunnel gateway;
Journal_Title :
Communications and Networks, Journal of
DOI :
10.1109/JCN.2011.6157474