Research On IPSec And Its Test Techniques

With worldwide application of Internet, computer networks have deeply penetrated into our social life; consequently, human social activities are more and more dependent on networks. While people are enjoying convenience and benefits from networks, network insecurity has also aroused deep concern for its ever-growing damages caused by hacker attacks. IETF (Internet Engineering Task Force) has addressed to insecurity issues by specifying a set of protocols called IPSec (IP Security) to hide the IP header through encapsulation and to encipher payload part in an IP packet, in addition to patches to insecurity holes of existing protocols. This MSc thesis present a comprehensive analysis of IPSec protocol set as part of research on Internet security issues and provides a basis for the main part of MSc research work, i.e. test suite planning and specification for IPSec.The main part of this dissertation involves testing of IPSec with an emphasis on conformance testing backed up by the research activities concerning concurrent testing techniques for multi-port routers carried out at SC-Netcom Lab. In view that IPSec is a complex protocol set; the priority in test specification has been given to a particular protocol called AH (Authentication Header) in this thesis. It also provides a good reference on the research of security mecanisum for an ongoing project called SUPA (Single physical layer User-data transfer & switching Platform Architecture) at SC-Netcom Lab.Discussion in chapter 2 is focused on the problems of Internet security, the background of IPSec development, its architecture and operation principles. A comprehensive discussion on the advantages and disadvantages of IPSec is also provided in view of next generation of Internet architecture.Chapter 3 is dedicated to introduce concurrent testing techniques for multi-port routers based on the analisis of limitation of traditional test technology. Chapter 4 provides principles for IPSec test suite planning and naming scheme for TPT (Two-Port Tester), with emphasis on the description of AH conformance test suite, IPSec performance and inter-operability test suite. Chapter 5 introduces TTCN-3 (Testing and Test Control Notation Version 3) and completes the description of AH ATC (Abstract Test Case) working on IPSec TPT.The work presented in this dissertation will provides direct conduct and good reference for next development of test suites, and at the same time has certain reference value to the reader who uses TTCN-3 to define test control data.