Advanced security gateways for heterogeneous tactical ad hoc networks

Secure and reliable communication is very important for a lot of different use cases. One major area of application is Network Enabled Capabilities (NEC). Security and reliability are even harder to achieve for the tactical domain, when different nations with a variety of communication technologies have to form a heterogeneous ad hoc network. CoNSIS (Coalition Networks for Secure Information Sharing) is a multinational project which aims at developing, implementing, testing, and demonstrating technologies and methods that will facilitate the participants´ abilities to share information and services securely in ad-hoc coalitions, and between military and civil communication systems, within the communications constraints of mobile tactical forces. Based on the results obtained from the field tests, this paper proposes an enhanced model for the interaction between a tactical router and a security gateway. Our integrated approach uses encrypted tunnels for the security gateway which are set up automatically by the routing instance. Furthermore, multicast traffic is encrypted separately without tunneling, whereas forwarding is done by the operating system kernel on the basis of the tunnel devices. This approach can be seen as a generic link layer encryption with ad hoc capabilities based on IPsec. It still allows using the broadcast capabilities of the radio devices for multicast and broadcast traffic.