ITG Research in Internet Security
Home
What's New
At a Glance
People
Products
Projects
Publications
Facilities
Opportunties
Search

Internetwork Protocol Security (IPsec)

In the area of network security technology, ITG staff members took a leadership role in the IETF and vendor community in design and standardization of internetwork layer security protocols, known as IPsec.   IPsec protocols are designed to provide authentication, integrity and confidentiality services to both the current IP protocol (IPv4) and IPv6.   We have concentrated our current efforts on IPv4 because of the high level of interest in fielding internet security technology as quickly as possible.

At the request of IETF directors, NIST staff collaborated with key industry partners to develop several specifications for emerging IPsec protocols.  NIST staff co-authored IPsec protocol specifications with: Cisco Systems Inc, Bay Networks, IBM T. J. Watson Research Center,  the National Security Agency and Sable Systems.

In addition to providing leadership in IETF standards development, we designed and developed Cerberus, a leading edge prototype and reference implementation of the latest IPsec specifications. Cerberus serves as a publicly available reference implementation and a platform for on-going research on advanced issues in IPsec technology.

To answer an industry call for more frequent and accessible interoperability testing for emerging commercial implementations of  IPsec technology, we development the NIST IPsec WWW-based Interoperability Tester ( IPsec-WIT).  IPsec-WIT is built around the Cerberus prototype and ubiquitous WWW technology and allows implementers to remotely execute series of interoperability tests against the NIST reference implementation.   IPsec-WIT also serves as an experiment in test system architectures and technologies.  The novel use of WWW technology allows IPsec-WIT to provide interoperability testing services anytime and anywhere without requiring any distribution of test system software, or relocation of the systems under test.

Work is current underway to expand Cerberus and IPsec-WIT to support emerging key management protocols and to address IPv6 in addition to IPv4.

 
  • Page Last Modified:  02/05/99 04:00 PM
  • Email comments & questions about this WWW space to webmaster@antd.nist.gov .