
Implementation of Virtual Private Networks at the Transport Layer

  • Conference paper
Information Security (ISW 1999)

Part of the book series: Lecture Notes in Computer Science ((LNCS,volume 1729))

Abstract

Virtual Private Network (VPN) solutions mainly focus on security aspects. Their main aims are to isolate a distributed network from outsiders and to protect the confidentiality and integrity of sensitive information traversing a non-trusted network such as the Internet. But when security is considered the only problem, some collateral problems arise. VPN users suffer from restrictions in their access to the network. They are not free to use traditional Internet services such as electronic mail exchange with non-VPN users, or to access Web and FTP servers external to the organization. In this paper we present a new solution, located at the TCP/IP transport layer, that, while maintaining strong security features, allows the open use of traditional network services. The solution does not require the addition of new hardware because it is an exclusively software solution. As a consequence, the application is totally portable. Moreover, the implementation is located at the transport layer; thus, there is no need to modify any previously installed software, such as FTP, Telnet, HTTP, electronic mail or other network applications.

Copyright information

© 1999 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Davila, J., Lopez, J., Peralta, R. (1999). Implementation of Virtual Private Networks at the Transport Layer. In: Information Security. ISW 1999. Lecture Notes in Computer Science, vol 1729. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-47790-X_9

  • DOI: https://doi.org/10.1007/3-540-47790-X_9

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-66695-0

  • Online ISBN: 978-3-540-47790-7

  • eBook Packages: Springer Book Archive
