Secure and Manageable Virtual Private Networks for End-users

K. Kourai (Tokyo Institute of Technology)
T. Hirotsu, K. Sato, O. Akashi, K. Fukuda, T. Sugawara (NTT)
S. Chiba (Tokyo Institute of Technology)

Multi-homing by VPNs

- Each host deals with multiple networks: a LAN and VPNs
- End-users use VPNs for more security
  - for each end-user
  - for each user's activity (business mail, private mail, shopping site)
[Figure: a host attached to a LAN, VPN1 and VPN2; labels: corporate network, ISP]

Problem 1: uncontrollable information flow

- Information flow is mixed among VPNs and a LAN through multi-homed hosts
- Private information may be leaked
  - at the network layer, via a single routing table
  - at the application layer, via file systems or processes' memory
[Figure: a multi-homed host joining a LAN, VPN1 and VPN2; labels: corporate network, ISP]

Problem 2: IP addressing conflict

- IP addressing may overlap among VPNs and a LAN (private IP addresses, e.g. 192.168.0.1 used in both a VPN and the LAN)
- Unintended routing: conflict, misuse, abuse
- Assigning unique IP addresses for every network is not realistic; the networks are connected at the points of multi-homed hosts
[Figure: a VPN and a LAN both using 192.168.0.1, joined at a multi-homed host]

Personal network

- A personal network integrates:
  - a VPN
  - per-VPN execution environments of hosts, called portspaces
- Closed network
  - single-homed
  - VPNs are exclusive
  - Portspaces are exclusive
[Figure: a personal network over one VPN containing a web server, a mail server, a web browser and a mail client]

Features

- Separation of networking activities
  - Information flow is confined
    - Network routing is separated
    - File systems and processes are separated
  - Independent network management is provided
    - IP addressing is closed
- Easy bootstrapping
  - End-users can construct personal networks easily

Portspace

- A portspace is a virtualized host
  - only one VPN
  - independent namespaces for network, files, and processes
- base environment
[Figure: a host's base environment on the base network (LAN) beside a portspace on a VPN and a pseudo portspace; each has its own processes, network stack and file system]

Namespace for network

- IP address
  - End-users can use the same IP address as the base environment
- Protocol control blocks
  - End-users can use the same port numbers already used in the base environment
- Routing table
- VPN configuration
[Figure: an httpd on VPN1 and another httpd on VPN2, both using IP 192.168.0.1 and port 80]

Namespaces for files/processes

- Namespace for files
  - Processes can access only files in the portspace
  - End-users can prepare configuration files to perform their own network management (resolv.conf, host.conf)
- Namespace for processes
  - This namespace prevents interaction with processes in other portspaces (IPC, shared memory, signals)

Inheritance

- Inheritance
  - network services: requests are forwarded to the super-portspace
  - file system: read from the super-portspace, write to the sub-portspace
- Overriding/hiding
  - network services
  - files
[Figure: a sub-portspace forwards a request to a server process in the super-portspace and receives the reply; files are read from the super-portspace and written in the sub-portspace]

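The file-system side of inheritance, as an added example that is not the paper's code: a minimal Python model in the style of the union file system the slides mention, where reads fall through to the super-portspace, writes land only in the sub-portspace (overriding), and a whiteout marker hides an inherited file. The class, the whiteout convention and the file contents are constructed for illustration.

```python
# Added example, not the paper's code: a minimal model of file-system
# inheritance between portspaces in the style of a union mount. Reads fall
# through to the super-portspace, writes land only in the sub-portspace
# (overriding), and a whiteout marker hides an inherited file (hiding).
# File contents used below are constructed sample data.
WHITEOUT = object()   # marker kept in a sub-portspace's layer to hide a file


class Portspace:
    def __init__(self, name, parent=None):
        self.name = name
        self.parent = parent   # the super-portspace; None for the base environment
        self.layer = {}        # this portspace's own writable layer: path -> data

    def read(self, path):
        """Resolve a path: own layer first, then each super-portspace in turn.
        A whiteout found at any level hides the file from that level downward."""
        ps = self
        while ps is not None:
            if path in ps.layer:
                if ps.layer[path] is WHITEOUT:
                    raise FileNotFoundError(path)
                return ps.layer[path]
            ps = ps.parent
        raise FileNotFoundError(path)

    def write(self, path, data):
        """Writes never reach a super-portspace: they override the inherited
        file locally, so the super-portspace's copy stays untouched."""
        self.layer[path] = data

    def hide(self, path):
        """Hide an inherited file in this portspace without modifying the
        super-portspace (the hiding case on the slide)."""
        self.layer[path] = WHITEOUT

    def exists(self, path):
        """True if the path resolves through the inheritance chain."""
        try:
            self.read(path)
            return True
        except FileNotFoundError:
            return False
```

A per-VPN resolv.conf written in a portspace therefore shadows the base environment's copy for that portspace and every sub-portspace below it, while the base environment never sees the change.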
Inheritance problem

- Unintended information flow may occur via a super-portspace
  - The super-portspace becomes multi-homed
  - Personal networks using the super-portspace are not independent
[Figure: two personal networks forwarding requests through one super-portspace, with information flowing between them]

Chinese Wall security model

- Membership control
  - A portspace can join a personal network only if the portspace's information does not conflict with the personal network's
[Figure: join and inherit relations between portspaces and a personal network, separated by the Chinese Wall]

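The membership check described on this slide and the inheritance problem it addresses, as an added example that is not the paper's code: a Brewer-Nash style rule in Python where a portspace's information is taken to be every personal network reachable along its inheritance chain, and joining is refused when one of those networks lies in the same conflict class as the target. The conflict classes, the registry and the upward-only flow simplification are assumptions of this example.

```python
# Added example, not the paper's code: Chinese Wall membership control for
# portspaces. Assumptions: each personal network carries a conflict class,
# and a portspace's information is the union of the personal networks joined
# along its inheritance chain (reads from the super-portspace and requests
# forwarded to it), which is the flow the "inheritance problem" slide shows.
from dataclasses import dataclass, field
from typing import Optional


@dataclass
class PersonalNetwork:
    name: str
    conflict_class: str   # networks in one class must never share a portspace


@dataclass
class Portspace:
    name: str
    parent: Optional["Portspace"] = None           # the super-portspace
    memberships: set = field(default_factory=set)  # personal networks joined

    def information(self):
        """Personal networks whose information can reach this portspace:
        its own memberships plus those of every super-portspace above it."""
        nets, ps = set(), self
        while ps is not None:
            nets |= ps.memberships
            ps = ps.parent
        return nets


def can_join(ps, net, registry):
    """Simple-security rule of the Chinese Wall: ps may join net only if no
    network it already holds is in net's conflict class, net itself excepted."""
    for held in ps.information():
        other = registry[held]
        if other.name != net.name and other.conflict_class == net.conflict_class:
            return False
    return True


def join(ps, net, registry):
    """Membership control: enforce the wall, then record the membership and
    return the portspace's resulting information set."""
    if not can_join(ps, net, registry):
        raise PermissionError(f"{ps.name} may not join {net.name}")
    ps.memberships.add(net.name)
    return ps.information()
```

Because the check walks the inheritance chain, a membership held by a super-portspace constrains every sub-portspace beneath it, which is exactly where the multi-homed super-portspace problem arises.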
Implementation

- We implemented it on FreeBSD 4.7
  - IPsec for VPNs
  - union file system for inheritance
- How to communicate between portspaces
[Figure: on the sender's host, the routing table and the IPsec database; on the receiver's host, the SPI, an SPI-portspace table, the PCB list and the routing table]

Experiments

- We measured the overheads of personal networks
- Benchmark programs
  - Netperf, ApacheBench
- 3 network constructions
  - base network with IPsec
  - personal network without/with inheritance
- Environment
  - 2 PCs (Pentium III-S 1.4GHz, Intel Pro/100+) connected via a 100baseT Ethernet switch
  - no encryption/authentication for IPsec

Result: Netperf

[Figure: round-trip latency (us) and throughput (Mbps) for TCP and UDP, comparing base network + IPsec, personal network, and personal network + inheritance]
- latency increase: 1.5%
- throughput decline: 0.1%
- inheritance overhead: 0.2%

Result: ApacheBench

[Figure: performance (requests/sec) at concurrency 1 to 6, comparing base network + IPsec, personal network, and personal network + inheritance]
- web server: thttpd
- request: an HTML file of 0 bytes
- overhead: 3.9%

Related work: virtual networks

- Virtual Internets [Touch'02]
  - An internal router controls the connection between environments and virtual networks
  - for fault-tolerance and persistence, not for security
- Router partitioning [Lim'01, Scandariato'02]
  - VPNs and routing are incorporated at routers
  - Routers provide per-VPN routing tables only at the network layer

Related work: virtual hosts

- There are various virtual host techniques
  - FreeBSD jail
  - Clonable network stack [Zec'03]
  - Virtual machine [VMware]
- Differences
  - Virtual hosts do not cooperate with virtual networks
  - Virtual hosts are not independent of the base environment

Conclusion

- We proposed personal networks
  - A personal network integrates a VPN and portspaces
    - separation of information flow
    - independent network management
  - Portspaces inherit services and file systems
- Future work
  - loosening the Chinese Wall security model
  - QoS support for personal networks