Principal Investigators

Sean O'Malley
Hilarie Orman
Larry Peterson

• Build network security easily, reliably
  
  
  
• Demonstrate correct and useful security services for the Internet infrastructure
  
  
  
• Informal assurance techniques integrated into software development

• xKernel "security" release
  
  
  • cryptographic protocols
  • policy protocols
    
    
  • second release soon
    
    
• network security and key exchange
  
  
  • faithful prototypes of Internet draft RFC's
  • interoperability testing
    
    
• signed routing updates
  
  
  • group membership for trusted router group
  • interoperates with non-aware RIP's
    
    
• graph-based correctness rules
  
  
  • is-encrypted, is-integrity, is-secure
  • Lampson "speaks-for" authentication logic
  • message length constraints
  • address type constraints
    
    

• Maintain uniform protocol interface
  
  open, passive open, close, push, pop, rpc, etc.
  
  extended to incorporate security identifiers
  
  
• All cryptographic reliances are explicit
  
  
  
  
• Creation of graph subsystems --- leaf mode and subsystem mode

Public key signatures in IP security framework

New key exchange protocol

OSPF link state signatures

Integration of IP security in Linux kernel

xKernel security code used directly

Mix-match user/kernel security processing in Linux

xKernel in Linux kernel and in user space

Omnipresent policy modules

• Subprotocol within ISAKMP framework
  
• Combines Diffie-Hellman with several authentication schemes
  
• Internet draft
  
• Flexible design a result of years of xkernel thinking
  

• Address-based crypto: VSELECT
• Security Association Manager: SPIINT, SAIDMGR

• Group membership (GRPMEM)
• Omni-Broadcast (FLOOD)

• Interoperable Kerberos
• RIP routing w/authentication, trusted routers
• IP packet security (IPSEC AH and ESP)
• Key exchange (Photuris, OAKLEY*)

• ping
• ftp
• rlogin
• telnet-forwarder

• Done for Mach3 via IPC
  
  
• Linux socket/xKernel conversion?
  
  
• Primary concerns: key management, certificate retrieval
  
  

• design clarity and efficiency
  
  
• incorporation of new algorithms
  
  
• high quality software crypto
  
  

• turning design into code
  
  
• rules
  
  

• closure on algorithm encapsulation
  
  
• convincing the world to abandon Unix kernel network code
  
  
• bounding number of special purpose options
  
  
• automatically building complex services