Check out the new USENIX Web site.

Yoshiyuki Tsuda, Toshiba Corporation

Abstract:

We are researching and developing a secure-mobile network system, named "Network CryptoGate (NCG)", which provides secure Virtual Private Network (VPN) environment for mobile users in enterprises. Using that system, mobile users can access proprietary information securely and seamlessly, as if they were connected to their home network regardless of their current network location. In order to make the whole system interoperable with other implementations, our NCG is designed based upon IETF standards: IP Security (IPSEC) and Mobile IP (MobileIP).

There are two major components in NCG; NCG servers and NCG clients. A NCG server is a server statically located in its own NCG domain of the corporate network. A NCG domain is a set of subnets to which a NCG server provides VPN services. Namely, a NCG server centrally performs services including encryption, decryption and authentication, for all the traffic from its NCG domain to the VPN and vice versa. Also, a NCG server has the agent functionality of MobileIP; it registers the current location of a mobile terminal which has its home in the NCG server's domain, and performs automatic forwarding of the IP packets destined to the mobile terminal, to the current location. Currently, NCG servers have implemented on Solaris, and now we are porting those on Windows NT.

A NCG client is a client software for a mobile terminal. A NCG client encrypts, decrypts and authenticates VPN traffic. Also, a NCG client performs the MobileIP mobility function for mobile terminals. We have developed NCG clients on Windows NT, and now porting those on Windows 95.

Current NCG clients consists of a NDIS driver, a transport driver and an application program, At the workshop I would like to discuss with those who have developed network drivers about the following items:

- Whether our approach is adequate or not ?
- How to create those network drivers efficiently ?
- To which should we go in the future ?

Yoshiyuki Tsuda
TOSHIBA corporation
tsuntsun@isl.rdc.toshiba.co.jp
communication and information system research labs,
R&D center, TOSHIBA corporation
1 Komukai-Toshiba-cho, Saiwai-ku, Kawasaki, 210 JAPAN
phone: +81-44-549-2238