Securing the Network
Abstract
(U) The Securing the Network program will meet the steadily increasing DoD demands for a new networking infrastructure with a much higher level of security. Clean slate architectures for Internet protocols are needed that reflect security and trust explicitly in their design, starting with network and transport functions, to derive far greater roots of trust. Protocols that reflect more compute intensive approaches to control are enabled by the drastic reduction of computing cost, compared to design assumptions decades ago. Specific approaches will include, but are not limited to, cryptographic handshake at all network layers above physical and data link functions; network management software that exhibits strong roots of trust, running in trusted substrates; routers that permit significant computing power to be applied at intermediate points along the data pathways and provide virtualization features enabling multiple protocols to be deployed; and information movement based on object-by-object encryption, with accountability enforced in network appliances at all network levels.
Document Details
- Document Type
- Accomplishment
- Publication Date
- Oct 01, 2011
- Source ID
- 6b798cd2ae2768d82a30d390b3c248fc