From 1995 to 2002, I served as Principal Investigator or Co-principal Investigator of the following research projects with support from US Government agencies.

Mobile IP (MIP) is an IP extension for passing IP datagrams between Mobile Nodes and their Corresponding Nodes as the Mobile Nodes change their attachment points on the Internet. MIP is well known to be susceptible to spoofing attacks, in which adversaries may broadcast false IP Address Updates and redirect all IP traffic sent to targeted Mobile Nodes to some other nodes. Robust and scalable mitigations against these attacks require the use of a global key-management infrastructure to authenticate and secure communications among Mobile Nodes, Corresponding Nodes and Mobile IP Management Agents.

In the MoIPS project, we developed a DNS-based X.509 Public-Key Infrastructure (PKI) and the necessary protocols to protect the Mobile IP Management Protocol as well as node-to-node communications. We also designed a hierarchical Mobile IP management structure, which can greatly reduce the need for end-to-end address updates to serve rapidly moving nodes. The MoIPS prototype was built upon FreeBSD and distributed as an integrated part of the CMU MIP v.4 implementation.

For more information, please refer to MoIPS Webpage.
|
As security devices such as firewalls and protocols such as IPsec become widely used on the Internet, we witness a steep growth in the complexity and cost of managing Internet security policies.

In the PBSM project, we developed a hierarchical domain-based policy management architecture and a distributed server system to enforce IP packet-filtering and IPsec communication policies. The project produced a platform-independent Security Policy Specification Language (SPSL), a lattice-based algebraic semantic model of IPsec policies (both the first of their kind), and a Security Policy Negotiation Protocol (SPP), which competed with COPS to be the standard policy exchange protocol.

The PBSM system can be used to manage multiple firewalls and IPsec Virtual Private Networks (VPNs) deployed over disjoint or overlapping enterprise networks. Its technology was the founding basis of the IETF IP Security Policy (IPSP) Working Group. Its implementation, which was built upon FreeBSD and KAME IPsec, is available for non-commercial use.

For more information, please refer to MoIPS Webpage.
|
As a follow-on to PBSM, the Pledge project aimed at expanding the hierarchical domain architecture for the purpose of managing military Multi-Level Security (MLS) Information Security (InfoSec) policies. The Pledge project is part of an overall plan to develop effective models and management systems for the future military Information Assurance (IA) Platform.

The network, system and policy models developed in Pledge may be regarded as system abstractions (in contrast to the mission abstractions) of the IA Platform. These models aim at supporting aggregation and elaboration of functional, organizational and operational characteristics of communication, computing and controlling elements; nevertheless, they were not designed to characterize the missions performed over the distributed platform. The models are again hierarchical, and commonly divided into agent, enclave and domain levels. At each level, IA elements are abstracted into objects formal templates based policy abstractions, can be regarded as the low and middle levels abstraction of IA networks. Hence, their specification languages are expected to provide a useful interface between the IA system and mission abstractions.