Journal of Network and Systems Management, Volume 18, Issue 3, pp 300–326

Distributed Automatic Configuration of Complex IPsec-Infrastructures

  • Michael Rossberg
  • Guenter Schaefer
  • Thorsten Strufe


The Internet Protocol Security Architecture IPsec is hard to deploy in large, nested, or dynamic scenarios. The major reason for this is the need for manual configuration of the cryptographic tunnels, which grows quadratically with the total number of IPsec gateways. This way of configuration is error-prone, cost-intensive and rather static. When private addresses are used in the protected subnetworks, the problem becomes even worse, as the routing cannot rely on public infrastructures. In this article, we present a fully automated approach for the distributed configuration of IPsec domains. Utilizing peer-to-peer technology, our approach scales well with respect to the number of managed IPsec gateways, reacts robustly to network failures, and supports the configuration of nested networks with private address spaces. We analyze the security requirements and further desirable properties of IPsec policy negotiation, and show that the distribution of security policy configuration does not impair the security of transmitted user data in the resulting virtual private network (VPN). Results of a prototype implementation and simulation study reveal that the approach offers good characteristics, for example with respect to quick reconfiguration of all gateways after a central power failure (robustness), or after insertion of new gateways (scalability and agility).


Keywords: Computer network reliability, Computer network security, Robustness



Copyright information

© Springer Science+Business Media, LLC 2010

Authors and Affiliations

  • Michael Rossberg (1)
  • Guenter Schaefer (1)
  • Thorsten Strufe (2)
  1. Technische Universität Ilmenau, Telematics and Computer Networks Group, Ilmenau, Germany
  2. Technische Universität Darmstadt, Peer-to-Peer Networking Group, Darmstadt, Germany
