Dynamic and secure management of VPNs in IPv6 multi-domain scenarios

IPsec-based VPN solutions today run mainly in the IPv4 environment and it is important that they have the capability of being upgraded to IPv6 to remain interoperable in next generation Internet. Two of the key components of every VPN solution are the trust management system used to secure the VPN establishment process and the policy mechanism used to control the VPN life-cycle. However, these two components have not received much research effort in the IPv6 world, so although IPsec IPv6-enabled implementations are getting mature, the deployment of secure VPNs in IPv6 is progressing rather slowly. This paper provides a new vision on how trust management based on cross-certification can be extended to IPv6 multi-domain scenarios and presents a policy management architecture proposed to build flexible, large-scale interoperable IPv6 VPNs solutions.