CCSDS IPsec Compatibility Testing


CCSDS IPsec Compatibility Testing
03/23/2015
OKECHUKWU MEZU
CHARLES SHEEHE
CCSDS GRC POC

IPsec Project Overview
- Performing Encapsulating Security Payload (ESP) using pre-shared keys on a CCSDS Internet Protocol (IP) packet going from source node over a satellite in space to a destination node
- Why this is important
  - Two independent compatible developments are required prior to acceptance
  - NASA GRC IPsec implementation will satisfy one independent development
  - CNES IPsec implementation will satisfy the second independent development
  - Compatibility tests to ensure interoperability
  - Compatibility test will be recorded in the CCSDS 356.1-Y-1 book as official documentation of testing
- CCSDS IPsec NASA development and testing started November 2013

IPsec Project Process
- IPsec compatibility testing for CCSDS
  - Evaluate IPsec/CCSDS related standards
  - Define CCSDS/IPsec approved parameters by CCSDS working group
  - Develop Test Plan
  - Approval of Test Plan
  - Perform independent testing based on defined IPsec parameters
  - Modify test plan to test only IPv4
  - Perform Compatibility Testing
  - Documentation of test results
  - Document Lessons Learned
  - Present results to CCSDS working group
- Key deliverable
  - Test report in CCSDS format for inclusion in yellow book

NASA Internal IPV4 IPsec VPN Tunnel
[Network diagram. Labels: Cisco 3825 Router; Ground Station R1; CCSDS Satellite R2; Receive Station R3; Linux Box (two); IPsec VPN. Interface and address labels: GE 0/0 192.168.1.1; GE 0/1 192.168.2.1; GE 0/0 192.168.2.2; GE 0/1 192.168.3.1; GE 0/1 192.168.4.1; GE 0/2 192.168.3.2; 192.168.1.2; 192.168.4.2. Legend: GE – Gigabit Ethernet.]
Internal IPsec IPv4 tests completed
Tunnel represents a direct logical connection between R1 & R3 through R2. However, all communication between R1 & R3 goes through R2 (representing a satellite/networked cloud).

NASA Internal IPV6 IPsec VPN Tunnel
[Network diagram. Labels: Cisco 3825 Router (two); Ground Station R1; CCSDS Satellite R2; Receive Station R3; Linux Box (two); IPsec VPN. Interface and address labels: GE 0/0 2001:db8:1:1::1/64; GE 0/1 2001:db8:1:2::1/64; GE 0/0 2001:db8:1:2::2/64; GE 0/1 2001:db8:1:3::1/64; GE 0/1 2001:db8:1:4::1/64; GE 0/2 2001:db8:1:3::2/64; GE 0/0 2001:db8:1:X::X/64; GE 0/0 2001:db8:1:4::2/64. Legend: GE – Gigabit Ethernet.]
Internal IPsec IPv4 tests completed
Tunnel represents a direct logical connection between R1 & R3 through R2. However, all communication between R1 & R3 goes through R2 (representing a satellite/networked cloud).

CCSDS IPV4 IPsec VPN Tunnel
[Network diagram. Labels: NASA; CNES; NASA VPN Gateway; CNES VPN Gateway; IPsec VPN; NASA host; CNES host; Cisco 3825 Router R1; CNES Router. Address labels: 10.X.X.X; 192.168.1.1; 10.20.X.X; 192.168.1.2. Legend: GE – Gigabit Ethernet.]
Current CCSDS IPv4 IPsec VPN Tunnel setup and configuration

Planned CCSDS Yellow Book IPsec Test Matrix
[Table: tests 1 to 16. Columns: #, IPV4/6, ESP, Tunnel, Integrity, IPcomp, Authenticated Encryption, Confidentiality, Manual Key, Auto Key, No Rekey.]

Modified* CCSDS Yellow Book IPsec Test Matrix
[Table: tests 1 to 8. Columns: #, IPV4, ESP, Tunnel, Integrity, IPcomp, Authenticated Encryption, Confidentiality, Manual Key, Auto Key, No Rekey.]
* Due to limited IPv6 support

Lessons Learned
- Red Book should clearly define baseline parameters for future prototype testing.

Backup

Questions