D. Results

The future National Information Infrastructure will include technologies for WAN and LAN access that are both faster and slower than current voice and data technologies. For example, ATM will offer high-speed data rates on a fixed wired infrastructure and will increase the availability of multimedia voice and audio applications. However, in addition to the changes in high-speed data computing, a new and very different networking world is slowly making its way on stage -- the world of mobile computing. Mobile computing is different for a number of reasons. By definition, mobile nodes are not tied to a wired infrastructure. They may roam from one network to another. This presents any number of challenges at all layers of the network stack. At the application layer, applications will have to learn how to deal with disconnection from the wired infrastructure. At the network layer, IP addresses will no longer correspond with a fixed location.

There are a number of formidable security problems. Mobile networking systems will need to exhibit a higher degree of robustness than previous network systems since the loss of key system elements or the fragility of communication links may lead to the failure of widely distributed (and hence hard to debug) mobile nodes. Link layer authentication and encryption are not sufficient for mobile systems since packets may cross from a secure link onto an intermediate link with no built-in security facilities. In the past, relatively simple computers like PCs have been shielded in industry by firewall computers, which allow needed centralization of access control. When such computers begin to move around outside of the company or organization and visit public and commercial locations, they will need to take their security environment with them and be highly adaptable in the face of unknown security threats.

Current work in the IETF is focused on developing a Mobile-IP protocol that will at least provide authentication services but is lacking in robustness and is not integrated with network security. Work has also not progressed to deal with groups of mobile systems that want to meet informally and form a temporary network. The security of such ad hoc networks will present new challenges. We need a way to tie network security and mobility together and incorporate robustness and security services into the very fabric of networking. Our program of research targets the problems outlined above and will result in technology designed to provide secure and practical mobile network systems.

The principal outcomes of this project will be demonstrations of prototype software, technical reports, and transferable copies of the prototype systems. Secondary outcomes will include insights into ad hoc networking, secure and robust mobile network technology and distributed access control systems. We plan to participate in any IETF working groups relevant to our research; for example, IP security, Mobile-IP, and IP Next Generation. In addition, we will make software available to ARPA or to ARPA-designated third parties for additional experimentation and evaluation.

Some specific key results coming out of this proposal include:

  • Development of system software that will provide for secure mobile networks that may be distributed across a WAN or Internet backbone (secure enclaves). Mobile systems will have authentication, encryption, and distributed access control services.

  • Investigation of issues related to access control and mobility.

  • Investigation of issues related to robustness of mobile systems, including Home Agent redundancy and ad hoc routing software.

  • Development of mobile systems that can communicate in an ad hoc setting; i.e., without direct access to a base station.

  • A mobile security testbed that can be used for further investigation of mobile networking research issues.

    A necessary part of any research effort is technology exchange with and transition of results to a broader community. Portland State University's Department of Computer Science maintains a close working relationship with the high technology industry in the Portland metropolitan area. This interaction is mutually supportive and helps us reach our goals of technology transfer and development while adding an important dimension to the department's instructional and research programs.

    We intend to establish technology transfer programs with local industries including Intel and Sequent. Jim Valerio, the Chairman of the Intel Mobile Research Council at Intel Corporation in Hillsboro, Oregon, has expressed the desire to establish a program with us that would include demonstrations, talks, and software prototype exchanges. We will also establish an information transfer program with Sequent in Beaverton, Oregon, under the auspices of Ned Smith.

    We consider all of the technology listed in the results section (barring the export of encryption) to be transferable and believe that widespread application of the technology proposed could have a considerable impact on data communication in business and government. PSU will seek to bring potential products resulting from this proposal to commercial practice in cooperation with interested software firms. Potential products could include:

  • Secure mobile end systems. For example, laptop computers with secure tunnels could enable secure remote access to enterprise computing facilities.

  • Fail-safe Home Agent systems.

  • Mobile distributed access control systems. Laptop systems need to be able to respond to possible local threats.

  • Ad hoc capable mobile computers. Certainly ad hoc computing could be a boon in terms of "instant networking" in remote conference situations.

    Email to Jim Binkley:
    jrb@cs.pdx.edu