Supernetworking: The Next Generation of Secure Enterprise Networking

Christoph Schuba

(joint work with Germano Caronni, Sandeep Kumar, Glenn Scott)

Networking and Security Center, Sun Microsystems

We present a vision of computing environments in which networks are built around dynamically changing communities of participants, rather than having communities built around networks. This vision is realized through a design abstraction called "supernetworking". A first prototype of such a Supernet has been implemented on Linux.

Supernetworking introduces a new layer of abstraction in a layered model of computer networking. The Supernet layer sits directly above the network layer and includes its own addressing structure and security services that protect all data transmitted by the network layer.

A key component of a Supernet is communications tunneling. Instead of the traditional two endpoints, our tunnels have as many endpoints as there are machines participating in a Supernet. While tunneling has been repeatedly used to implement infrastructure services such as multicasting, virtual private networks, and support for mobility, we distill these technologies into a single, simple abstraction.

This new abstraction enables technologies such as the transparent and secure outsourcing of network infrastructure services, mobility, and the creation and administration of secure ad-hoc virtual computer networks.

Gates 498, 2/29/00, 4:15 PM