With the advent and ubiquity of the Internet, virtual private networks have emerged as a way to build a private communication network over a shared public or private infrastructure or a base network. Virtual private networks provide secure private connections over the Internet by enabling authentication of users and locations, delivering secure and private “tunnels.”
Today, most virtual private networks are Internet Protocol (IP) based and are established through the Internet. Typically, one or more local networks or hosts are connected securely across the Internet using the well-known IPsec standard. IPsec is a framework of open standards for ensuring secure private communications over the Internet. Based on standards developed by the Internet Engineering Task Force (IETF), IPsec is intended to ensure the confidentiality, integrity, and authenticity of data communications across a public network. IPsec provides a necessary component of a standards-based, flexible solution for deploying a network-wide security policy.
Locally, on a local network or host, a mandatory access control (MAC) policy is often implemented to protect and contain computer processes, data, and system devices from misuse. A MAC policy denies users full control over access to the resources they create. Instead, the system security policy determines the access rights granted, and a user may not grant less restrictive access to their resources than the administrator specifies. Information under the control of the MAC policy is labeled, and the security controls applied to a piece of information depend upon its label. For example, security labels such as those used in the Bell-LaPadula model are known to those skilled in the art. Hence, a MAC policy defines an architecture for the evaluation of all security-related labels attached to information and makes decisions based upon the operation's context and those same data labels.
In general, a MAC implementation requires a highly trustworthy information processing system. For example, each computer that is being deployed with a MAC policy must use a trusted operating system (OS). Because all information in a multilevel security (MLS) environment is physically accessible by the OS, strong logical controls must exist to ensure that access to information is strictly controlled.
While MAC security has been made generally available via operating systems like Linux, and extended to networking via IPsec labeling, there is currently no firewall-equivalent method of controlling the flow of IPsec-labeled traffic between networks connected across a VPN. Unfortunately, at this time, there is no known mechanism which translates IPsec-based labeling between different security realms of a VPN, where different security policies may be in effect. In addition, in some cases the security labels will have the same semantic meaning in different security realms but have a different representation. In other instances, the same security labels may have different semantic meanings.
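The label semantics described above (Bell-LaPadula style levels and category sets) and the representational translation between security realms that the preceding paragraphs identify as missing can be illustrated with a small gateway check. The following is an added example, not code from the patent or from any IPsec or operating-system implementation; the realm names, level names, category names and the two mapping tables are all constructed for illustration. It shows a dominance check inside one realm, a representation-only translation into a peer realm that rejects labels it has no mapping for (so unknown labels are dropped rather than silently admitted), and a forwarding decision that applies the no-read-up rule across the realm boundary.

```python
"""Added example: security-label dominance and cross-realm label translation.

Constructed illustration of Bell-LaPadula style labels and of a
representational translation between two (hypothetical) security realms.
Realm names, level names, category names and the mapping tables are
assumptions for this example only.
"""
from dataclasses import dataclass, field

# Sensitivity levels of constructed realm A, ordered low to high.
REALM_A_LEVELS = {"UNCLASSIFIED": 0, "CONFIDENTIAL": 1, "SECRET": 2, "TOP_SECRET": 3}
# Constructed realm B uses different names for the same semantic levels.
REALM_B_LEVELS = {"PUBLIC": 0, "INTERNAL": 1, "RESTRICTED": 2, "RESTRICTED_PLUS": 3}


@dataclass(frozen=True)
class Label:
    """A security label: one sensitivity level plus a set of categories."""
    level: str
    categories: frozenset = field(default_factory=frozenset)


def dominates(subject: Label, obj: Label, levels: dict) -> bool:
    """Bell-LaPadula dominance: subject level >= object level and the
    subject's category set is a superset of the object's."""
    return (levels[subject.level] >= levels[obj.level]
            and subject.categories >= obj.categories)


def can_read(subject: Label, obj: Label, levels: dict) -> bool:
    """Simple security property: no read up."""
    return dominates(subject, obj, levels)


def can_write(subject: Label, obj: Label, levels: dict) -> bool:
    """*-property: no write down (object must dominate the subject)."""
    return dominates(obj, subject, levels)


# Constructed representational translation, realm A -> realm B.
LEVEL_MAP_A_TO_B = {"UNCLASSIFIED": "PUBLIC", "CONFIDENTIAL": "INTERNAL",
                    "SECRET": "RESTRICTED", "TOP_SECRET": "RESTRICTED_PLUS"}
CATEGORY_MAP_A_TO_B = {"FINANCE": "FIN", "HR": "HUMAN_RESOURCES"}


class TranslationError(ValueError):
    """Raised when a label has no representation in the peer realm."""


def translate_label(label: Label, level_map: dict, category_map: dict) -> Label:
    """Translate a label's representation into the peer realm. Any level or
    category without a mapping is rejected instead of passed through."""
    if label.level not in level_map:
        raise TranslationError(f"no translation for level {label.level!r}")
    missing = sorted(c for c in label.categories if c not in category_map)
    if missing:
        raise TranslationError(f"no translation for categories {missing}")
    return Label(level_map[label.level],
                 frozenset(category_map[c] for c in label.categories))


def gateway_decision(packet_label: Label, receiver_label: Label,
                     level_map: dict, category_map: dict,
                     peer_levels: dict) -> str:
    """Decide whether a labeled packet leaving realm A may be delivered to a
    receiver in realm B: translate the representation, then require that the
    receiver dominates the packet label (no read up across the boundary).
    Returns "ALLOW" or a string starting with "DROP:"."""
    try:
        translated = translate_label(packet_label, level_map, category_map)
    except TranslationError as exc:
        return f"DROP: {exc}"
    if can_read(receiver_label, translated, peer_levels):
        return "ALLOW"
    return "DROP: receiver does not dominate packet label"


if __name__ == "__main__":
    # Constructed sample: a SECRET/FINANCE packet from realm A destined for a
    # RESTRICTED receiver in realm B that is cleared for FIN and HR data.
    pkt = Label("SECRET", frozenset({"FINANCE"}))
    rcv = Label("RESTRICTED", frozenset({"FIN", "HUMAN_RESOURCES"}))
    print(gateway_decision(pkt, rcv, LEVEL_MAP_A_TO_B, CATEGORY_MAP_A_TO_B, REALM_B_LEVELS))
```

The translation step only changes representation; where the same label name carries a different meaning in the peer realm, the mapping table would instead have to encode the semantic policy, which is exactly the distinction the text draws between representational and semantic translation.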
Accordingly, it would be desirable to provide a mechanism for effectively labeling traffic according to representational and/or semantic translation policies across various security realms. It would also be desirable to provide methods and systems that can enforce and apply access control policies that utilize security labels to secured network traffic, such as IPsec packets.