IEEE Transactions on Software Engineering
Integrated services provisioning across cryptographic boundaries
MILCOM'06 Proceedings of the 2006 IEEE conference on Military communications
| Hi-index | 0.00 |
In crypto-partitioned networks classified clear text enclaves (i.e., red enclaves) are interconnected over an enciphered unclassified transit network (i.e., black network) via IPSEC tunnels. Thus, packets are encrypted before they are allowed to cross from red networks to a shared black network. Currently, there is no solution that can provide efficient end-to-end IntServ QoS signaling across crypto-partitioned networks because routers within the black networks will not be able to identify and process the encrypted signaling messages. In this paper, we describe a new end-to-end IntServ QoS signaling mechanism that enables QoS provisioning for flows traversing crypto-partitioned networks. The new mechanism is scalable, self-configuring, provides accurate QoS provisioning and preserves IntServ signaling semantics.