Network-Independent Support for Using Multiple IP Interfaces in Applications

All modern laptops, netbooks and smartphones are equipped with multiple network interfaces, several of which can provide Internet access at the same time, typically over different network providers or authorities. In addition to these physical interfaces, for security reasons, virtual interfaces are typically available, capable of maintaining virtual private connections to company, home or other community networks. Using these interfaces simultaneously is an idea that received a lot of attention from the research community. Yet, to assure user privacy, data confidentiality and to prevent information leaks, applications should not arbitrarily choose any of these interfaces, but should rather follow a pre-defined security policy. We discuss the impact of security considerations on the interface selection process and argue that previous proposals have largely ignored the security-mandated constraints. Beyond the question of choice, a general and user-friendly usage of several IP interfaces in parallel is largely unsupported on the modern OS. In this paper, we therefore design a network-independent architecture that enables a user to assign any network application, even in its runtime, to any available interface including virtual interfaces and independently of destination and source IP addresses. To validate our ideas, we implement the proposed solution under Linux. Our experiments show that the overhead of the solution is negligible in terms of network performance.