Security Considerations for Mobility and Firewalls
draft-binkrich-mobisec-00
| Document | Type |
Expired Internet-Draft
(individual)
Expired & archived
|
|
|---|---|---|---|
| Authors | Jim Binkley , John W. Richardson | ||
| Last updated | 1998-11-11 | ||
| RFC stream | (None) | ||
| Intended RFC status | (None) | ||
| Formats | |||
| Stream | Stream state | (No stream defined) | |
| Consensus boilerplate | Unknown | ||
| RFC Editor Note | (None) | ||
| IESG | IESG state | Expired | |
| Telechat date | (None) | ||
| Responsible AD | (None) | ||
| Send notices to | (None) |
This Internet-Draft is no longer active. A copy of the expired Internet-Draft is available in these formats:
Abstract
In this paper we discuss various security issues concerning Mobile Hosts using Mobile-IP or other mobility systems (DHCP standalone) and current firewall technology. We first present some recent attacks on the Internet and what they might mean for mobile systems like Mobile-IP that rely on tunneling technologies. We point out that tunnels are a security threat and suggest how mobile systems may be made 'less insecure' with the use of IP layer security (IPSEC) as one means for creating Virtual Private Networks. The goal is to describe a security model wherein mobile systems can work across the Internet and not just as an interior routing protocol within one security and/or interior routing domain. Both the protection of Mobile Systems abroad and of Security Enclaves that tolerate mobile visitors must be considered.
Authors
Jim Binkley
John W. Richardson
(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)