Unifying the secure DoD network and public ATM network infrastructure

The desire to transport classified traffic securely utilizing the current network security paradigm has led the US Department of Defense (DoD) to maintain its own, isolated network, distinct from the public ATM network infrastructure. Internally, the DoD maintains four completely separate and isolated networks to carry top-secret, secret, confidential, and unclassified traffic, respectively. A public ATM network may be viewed as carrying unclassified or non-secure traffic. While the cost of maintaining four separate networks is becoming increasingly prohibitive to the DoD, the inability of the public and DoD to utilize each other's network resources runs counter to the current atmosphere of dual use and economies of scale. This paper introduces the concept of a “mixed use” network, wherein the four DoD networks and the public ATM network are coalesced into a single, unified network that transports all four types of traffic, efficiently and without compromising their respective security. In “mixed use”, the ATM nodes and links that are common between the DoD and public networks are labeled “joint use” and fall under the jurisdiction of the military for obvious protection of the security assets. The concept of mixed use is the direct result of the user-level, security on demand principle that is enabled by the fundamental security framework and the basic characteristic of ATM networks. This paper models a representative 32-node public ATM network, a 40-node DoD network, and the coalesced 50-node “mixed use” network, and executes accurate simulations on a testbed that, in turn, executes on a network of Linux workstations configured as a loosely-coupled parallel processor