
Secure IP tunnelling

To support users who regularly work at home, as well as trusted collaborators at other schools, we need to connect isolated sites and give them unrestricted access to all internal machines. We assume that the campus internetwork, which we treat as insecure, will be the primary conduit through which users reach the enclave from home machines.

To connect two isolated sites that are each protected and mutually trusting, we establish a secure IP tunnel between them. Arbitrary IP packets are then encapsulated and tunnelled between the two sites. We chose Ioannidis' swIPe protocol [18] to implement an authenticated, encrypted IP tunnel. The endpoints of the tunnel are known in advance, and the packet filter admits incoming swIPe packets only when they belong to an already registered tunnel.
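An added illustration of the tunnel-and-filter arrangement described above, written for this page and not taken from the paper or from swIPe. It models the general pattern behind any such encapsulation: a registry of known tunnel endpoints, a per-packet authenticator checked against the tunnel's shared key, and a sequence-number check that rejects replays, with the filter refusing anything that does not match a registered tunnel. The outer header layout, the truncated HMAC-SHA256 authenticator, the replay rule, the addresses and the keys are all assumptions; encryption of the inner packet is left out so that the example needs only the standard library.

```python
"""Toy authenticated IP tunnel plus the filter check for registered tunnels.

Added illustration for this page; not the swIPe protocol and not the paper's
code. Header layout, authenticator, replay rule and all addresses and keys
are assumptions. Encryption of the inner packet is omitted.
"""
import hashlib
import hmac
import os
import struct

# Outer header: tunnel source, tunnel destination (4-byte addresses), sequence number.
OUTER_HDR = struct.Struct("!4s4sI")
TAG_LEN = 16  # truncated HMAC-SHA256 authenticator (assumed length)

# Constructed stand-in for an inner IPv4 packet: 20-byte header plus payload.
INNER_PACKET = bytes.fromhex("4500001800010000400100000a0000010a000201") + b"ping"


class TunnelEndpoint:
    """One end of a tunnel between two trusted sites sharing a key."""

    def __init__(self, local: bytes, remote: bytes, key: bytes):
        self.local, self.remote, self.key = local, remote, key
        self.seq_out = 0    # last sequence number sent
        self.seq_seen = 0   # highest sequence number accepted

    def encapsulate(self, inner: bytes) -> bytes:
        """Wrap an inner IP packet: outer header + inner packet + authenticator."""
        self.seq_out += 1
        body = OUTER_HDR.pack(self.local, self.remote, self.seq_out) + inner
        tag = hmac.new(self.key, body, hashlib.sha256).digest()[:TAG_LEN]
        return body + tag


class TunnelFilter:
    """Admits only packets that belong to an already registered tunnel."""

    def __init__(self):
        # keyed by (outer source, outer destination) of the incoming direction
        self.tunnels = {}

    def register(self, endpoint: TunnelEndpoint) -> None:
        self.tunnels[(endpoint.remote, endpoint.local)] = endpoint

    def admit(self, packet: bytes):
        """Return (inner_packet, "ok"), or (None, reason) for a dropped packet."""
        if len(packet) < OUTER_HDR.size + TAG_LEN:
            return None, "truncated"
        src, dst, seq = OUTER_HDR.unpack_from(packet)
        endpoint = self.tunnels.get((src, dst))
        if endpoint is None:
            return None, "no registered tunnel for these endpoints"
        body, tag = packet[:-TAG_LEN], packet[-TAG_LEN:]
        expected = hmac.new(endpoint.key, body, hashlib.sha256).digest()[:TAG_LEN]
        # Verify the authenticator before touching replay state, so that
        # forged packets cannot advance the accepted sequence number.
        if not hmac.compare_digest(tag, expected):
            return None, "bad authenticator"
        if seq <= endpoint.seq_seen:
            return None, "replayed sequence number"
        endpoint.seq_seen = seq
        return body[OUTER_HDR.size:], "ok"


def demo() -> dict:
    """Run the tunnel through the cases a filter has to handle."""
    key = os.urandom(32)  # shared tunnel key, provisioned out of band (constructed)
    site_a, site_b = bytes([10, 0, 0, 1]), bytes([10, 0, 2, 1])  # constructed addresses
    sender = TunnelEndpoint(site_a, site_b, key)
    receiver = TunnelEndpoint(site_b, site_a, key)
    flt = TunnelFilter()
    flt.register(receiver)

    results = {}
    good = sender.encapsulate(INNER_PACKET)
    results["valid"] = flt.admit(good)          # accepted
    results["replay"] = flt.admit(good)         # same packet again: dropped
    tampered = bytearray(sender.encapsulate(INNER_PACKET))
    tampered[OUTER_HDR.size + 20] ^= 0xFF       # flip one payload byte
    results["tampered"] = flt.admit(bytes(tampered))
    rogue = TunnelEndpoint(site_a, site_b, os.urandom(32))  # right addresses, wrong key
    results["forged"] = flt.admit(rogue.encapsulate(INNER_PACKET))
    outsider = TunnelEndpoint(bytes([192, 168, 9, 9]), site_b, key)  # not registered
    results["unregistered"] = flt.admit(outsider.encapsulate(INNER_PACKET))
    return results


if __name__ == "__main__":
    for case, (_inner, verdict) in demo().items():
        print(f"{case:12s} -> {verdict}")
```

The ordering inside `admit` is the point worth keeping: endpoint lookup first, so unregistered sources are dropped without any key material being consulted; authenticator second, so the replay window is only ever advanced by packets that carry a valid tag; sequence check last. A tunnel whose filter accepted packets on addresses alone would let anyone on the insecure campus network inject traffic into the enclave simply by spoofing a registered endpoint.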

Alternatively, we can support a dedicated connection (either a leased line or a modem link) between two sites protected by their own firewalls. For example, our security enclave includes a subnet in the home of a faculty member, connected directly by leased line. However, due to cost considerations, such dedicated secure connections are not generally feasible.

Sandeep Singhal
Thu Nov 30 01:58:58 PST 1995