1 / 27

Privacy Issues in Virtual Private Networks

Privacy Issues in Virtual Private Networks. Tim Strayer BBN Technologies. What is a VPN?. Private network running over shared network infrastructure (Internet) Allows interconnection of different corporate network sites Allows remote users to access the corporate network

daniel_millan
Télécharger la présentation

Privacy Issues in Virtual Private Networks

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Privacy Issues inVirtual Private Networks Tim Strayer BBN Technologies

  2. What is a VPN? • Private network running over shared network infrastructure (Internet) • Allows interconnection of different corporate network sites • Allows remote users to access the corporate network • Allows controlled access between different corporate networks

  3. Remote Site Private “Intranet” Network Public Internet Intranet Intranet Intranet Headquarters Headquarters Remote Site Why VPNs? Frame Relay Or ATM Or Dial-Up Service

  4. VPN Rationale • Private Networks • Costly • Inflexible • Multiple Infrastructures • Virtual Private Networks • Inexpensive • Configurable • Single Infrastructure

  5. The First VPN • 1975, BBN delivered the first Private Line Interface (PLI) to the Navy • Created secure network communication over the ARPANET • Used a proprietary encryption and manual keying system

  6. VPN Technologies • Tunneling • Overlay facilitates sharing common infrastructure • IPsec, PPTP, L2TP, MPLS • Security • Authentication: PKI, RADIUS, Smartcard • Access Control: Directory Servers, ACLs • Data Security: Confidentiality, Integrity • Provisioning • QoS • Traffic Engineering

  7. “Hello!” SS Encapsulator “Hello!” “Hello!” SS Encapsulator SS Encapsulator Island Metaphor Tunnel “Hello!” “Hello!” “Oh! Hi! “???”

  8. Outer Header Inner Packet Trailer For target network For transport network 2 2 3 3 4 2 7 3 Ethernet IP TCP FTP Ethernet IP PPP IP Tunneling • Usually layers are inverted

  9. 3 3 4 4 2 2 3 3 Tunnels at Layer 2 • Point-to-Point Tunneling Protocol (PPTP) • Integrated into Microsoft DUN and RAS • Authentication/encryption provided by PPP • Layer 2 Tunneling Protocol (L2TP) • Combines PPTP with Cisco L2F • Layer 2 tunneling, UDP encapsulation IP GREv2 PPP IP/IPX IP UDP PPP IP/IPX/IPsec

  10. IPsec Protocol Suite • Data encryption and authentication • Two protocols • Encapsulating Security Payload (ESP) assures data privacy and party authentication • Authentication Header (AH) assures only party authentication • Cryptographic key management • Works well with Public Key Infrastructure and X.509 Certificates • Transport and tunnel modes of operation • IPsec VPNs use tunnel mode and ESP

  11. New IP Header Security Parameter Index Sequence Number Authenticated Encrypted ESP Trailer ESP Authentication IPsec Tunneling Original IP Header Original IP Packet Original IP Payload

  12. MPLS “Tunneling” • Multi-Protocol Label Switching • High speed switching technology • Tunnel any layer • Built into edge/core routers and switches • No authentication/encryption Label IP Header IP Payload Original Packet

  13. IPsec vs. MPLS • Two dominant VPN technologies • Let’s compare them viz. their approaches to privacy

  14. What is meant by Private? • No one can see your stuff • Emphasis is on security • Confidentiality, integrity, authentication, authorization, access control • Carve out a piece of a shared network for your own use • Emphasis is on availability • Traffic engineering

  15. Evolution of IPsec • First defined as a security mode for IPv6 • “Ported” to IPv4 • Combines tunneling with security • Orthogonal services • Complex key management

  16. Evolution of MPLS • ATM’s VCI/VPI used for cut-through switching • Separates routing from forwarding • Supports resource allocation • MPLS • IP cut-through switching using label • Routers switch on preestablished label • Routers don’t care what’s behind the label • Originally proposed to accelerate routing

  17. A Protocol Looking for a Use • Fast routing argument lost with new routing technology • Switching technology applied to IP header • MPLS for traffic engineering • “Connection” oriented • Stateful – keeps tracks resource allocation and usage • RSVP adapted for signaling • Hot router selling feature

  18. MPLS-VPN Security • Label Switch Routers will drop packets that do not belong to the VPN based on label • BGP guards against injected routes using MD-5 authentication • Note: • No data confidentiality • Weak authentication • BGP is not sufficient to prevent fake routes

  19. Why MPLS-VPN? • Embed label switching in routers • Sell more routers • Replace Frame Relay and ATM with something that looks like these services • No profit in Frame Relay or ATM anymore • Control provisioning at the edge of ISP • Sell value added service • ISP dependent • Keeps customers within provider’s network

  20. Why IPsec-VPN? • No changes to core routers • Security gateway/tunnel endpoint placed anywhere that is appropriate • Separation through obfuscation • Real data confidentiality • Real authentication • Routing protocol agnostic • No (more than current) reliance on well-behaved protocols • ISP agnostic

  21. Guarding “Privates” • What separates a VPN’s traffic from all other traffic? • IPsec: data encryption • MPLS: different labels, forwarding tables • Who is responsible for separation? • IPsec: • ISPs, but not necessarily • Corporate IT group and even individuals • MPLS: ISPs

  22. Dichotomy of Assumptions • IPsec assumes goal is: • IP delivery • No trust of intermediate systems • MPLS assumes goal is: • Engineered delivery • Trust entities in the middle • Begged question: Is leaving security to someone else a good thing?

  23. Which is the Right Way? • Depends on what control you are willing to cede to service providers • What SLAs you demand • What you want to “black box” • Depends on what you mean by “private” • No one is supposed to use your resources • No one is able to see your stuff

  24. Trends in VPNs • IPsec is being built into routers, gateways, and firewalls, and can run at very high speeds • Layer 2 tunneled through MPLS • Martini Draft • Combining MPLS and IPsec • IP tunneled through IPsec tunneled through MPLS • Best of both worlds

  25. There’s more to it • Establishing a VPN is much more than just building a set of tunnels between sites • Authentication • Access Control • Data Confidentiality • Data Integrity • Remote Access

  26. Where does “Private” go? • Virtual Private Network • Makes sense • What the designers had in mind • Virtual Private Network • What happens if you’re not careful

  27. More about me • This talk and other information at http://www.ir.bbn.com/~strayer

More Related