Secure IP Network Model
Apiecionek Łukasz 1, Romantowski Michał 2
1 Kazimierz Wielki University, Bydgoszcz, Institute of Technology
Jana Karola Chodkiewicza 30, 85-064 Bydgoszcz, Poland
E-mail: lapiecionek@ukw.edu.pl2 Warsaw School of Economics
Niepodległości 162, 02-554 Warszawa, Polska
E-mail: mromantowski@wp.pl
Received:
Received: 14 March 2013; revised: 13 September 2013; accepted: 16 September 2013; published online: 16 October 2013
DOI: 10.12921/cmst.2013.19.4.209-216
OAI: oai:lib.psnc.pl:457
Abstract:
Although network security is a common concern in almost every network, it appears that no general model for building safe networks has been proposed. The existing models lack a comprehensive approach to the challenges that need to be faced by a modern, publicly accessible IT system. Such approach requires basing on modern access techniques and security mechanisms combination. The authors of this article conducted an examination of the existing IP-related technologies and developed a general secure network model. In this article a general-purpose layered network model is proposed. The presentation is preceded with a summary of the mentioned research. Additionally, the article contains an evaluation summary of two different military systems that have been created basing on the proposed model. The test has been formally executed during CWIX (Coalition Warrior Interoperability eXploration, eXperimentation, eXamination, eXercise) organized by NATO.
Key words:
References:
[1] ISSC NATO Open Systems Working Group, Allied Data
Publication 34(ADatP-34) NATO C3 Technical Architecture
Volume 2. Architectural Descriptions and Models. Version
7.0, 15.XII.2005
[2] D. Minoli, Security in an IPv6 Environment, Auerbach Publi-
cations 2009, Print ISBN: 978-1-4200-9229-5, eBook ISBN:
978-1-4200-9230-1
[3] J.K. Tudor, Information Security Architecture. An Integrated
Approach to Security in the Organization, Auerbach Publi-
cations 2001, Print ISBN: 978-0-8493-9988-6, eBook ISBN:
978-1-4200-3103-4
[4] S. McClure, Scambray J., Kurtz G., Hacking Exposed Fifth
Edition: Network Security Secrets & Solutions, Osborne, Cal-
ifornia 2005, ISBN 0-07-226081-5
[5] Guidance document on the implementation of gateways
for information exchange between NATO and external
CIS communities version 1.21 dated 16th February 2007,
AC/322(SC/4)N(2007)0007, MULTI REF
[6] Ł. Apiecionek, M. Woźniak, M. Romantowski, W. Znaniecki,
Information assurance in coalition mission environment, Mil-
itary Communications and Information Systems Conference
(MCC), Wrocław 27-29.09.2010
[7] Ł. Apiecionek, M. Romantowski, J. Sliwa, B. Jasiul, R. Go-
niacz, Safe Exchange of Information for Civil-Military Op-
erations. MCC 2011: Military Communications and Infor-
mation Systems Conference, Amsterdam, 17-18.10.2011.
w: Military Communications and Information Technology:
A Comprehensive Approach Enabler. Pod redakcja ̨ Marka
Amanowicza. Warszawa: Redakcja Wydawnictw Wojskowej
Akademii Technicznej, 2011. ISBN 978-83-62954-20-9, s.
39-50 (MK-312)
[8] Olson R., Cyber Security Essentials, Auerbach Publications,
Pages 1-70, Print ISBN: 978-1-4398-5123-4, eBook ISBN:
978-1-4398-5126-5, DOI: 10.1201/b10485-2
[9] M. Chiang, A.R. Calderbank, Layering as Optimization De-
composition: A Mathematical Theory of Network Architec-
tures, Proc. of the IEEE, vol. 95, pp. 255-312, January 2007
Although network security is a common concern in almost every network, it appears that no general model for building safe networks has been proposed. The existing models lack a comprehensive approach to the challenges that need to be faced by a modern, publicly accessible IT system. Such approach requires basing on modern access techniques and security mechanisms combination. The authors of this article conducted an examination of the existing IP-related technologies and developed a general secure network model. In this article a general-purpose layered network model is proposed. The presentation is preceded with a summary of the mentioned research. Additionally, the article contains an evaluation summary of two different military systems that have been created basing on the proposed model. The test has been formally executed during CWIX (Coalition Warrior Interoperability eXploration, eXperimentation, eXamination, eXercise) organized by NATO.
Key words:
References:
[1] ISSC NATO Open Systems Working Group, Allied Data
Publication 34(ADatP-34) NATO C3 Technical Architecture
Volume 2. Architectural Descriptions and Models. Version
7.0, 15.XII.2005
[2] D. Minoli, Security in an IPv6 Environment, Auerbach Publi-
cations 2009, Print ISBN: 978-1-4200-9229-5, eBook ISBN:
978-1-4200-9230-1
[3] J.K. Tudor, Information Security Architecture. An Integrated
Approach to Security in the Organization, Auerbach Publi-
cations 2001, Print ISBN: 978-0-8493-9988-6, eBook ISBN:
978-1-4200-3103-4
[4] S. McClure, Scambray J., Kurtz G., Hacking Exposed Fifth
Edition: Network Security Secrets & Solutions, Osborne, Cal-
ifornia 2005, ISBN 0-07-226081-5
[5] Guidance document on the implementation of gateways
for information exchange between NATO and external
CIS communities version 1.21 dated 16th February 2007,
AC/322(SC/4)N(2007)0007, MULTI REF
[6] Ł. Apiecionek, M. Woźniak, M. Romantowski, W. Znaniecki,
Information assurance in coalition mission environment, Mil-
itary Communications and Information Systems Conference
(MCC), Wrocław 27-29.09.2010
[7] Ł. Apiecionek, M. Romantowski, J. Sliwa, B. Jasiul, R. Go-
niacz, Safe Exchange of Information for Civil-Military Op-
erations. MCC 2011: Military Communications and Infor-
mation Systems Conference, Amsterdam, 17-18.10.2011.
w: Military Communications and Information Technology:
A Comprehensive Approach Enabler. Pod redakcja ̨ Marka
Amanowicza. Warszawa: Redakcja Wydawnictw Wojskowej
Akademii Technicznej, 2011. ISBN 978-83-62954-20-9, s.
39-50 (MK-312)
[8] Olson R., Cyber Security Essentials, Auerbach Publications,
Pages 1-70, Print ISBN: 978-1-4398-5123-4, eBook ISBN:
978-1-4398-5126-5, DOI: 10.1201/b10485-2
[9] M. Chiang, A.R. Calderbank, Layering as Optimization De-
composition: A Mathematical Theory of Network Architec-
tures, Proc. of the IEEE, vol. 95, pp. 255-312, January 2007