The Auto Channel
The Largest Independent Automotive Research Resource
The Largest Independent Automotive Research Resource
Official Website of the New Car Buyer

AIAG Facilitates IP Security Workshop

25 September 1997

AIAG Facilitates IP Security Workshop - Achieves Milestone in Networked Security Interoperability for the Automotive Network Exchange 

    KANATA, Ontario, Sept. 25 --  A consortium of information
technology industry leaders facilitated by the Automotive Industry Action
Group (AIAG) -- a not for profit trade association -- and the AIAG's
Automotive Network eXchange(SM)(ANX(SM)) initiative, today announced that a
new level of network security between multi-vendor security solutions has been
reached among an unprecedented number of network hardware and software
vendors.  Interoperability was achieved by the deployment of Internet
Engineering Task Force (IETF) IPSec standard-based solutions, allowing
networked secure communication among different vendor's security solutions.
The testing was completed at the fourth Internet Protocol Security -- IPSec --
Interoperability Testing Workshop sponsored by and held at Kanata, Ontario-
based TimeStep Corporation, a Newbridge Company.
    The workshop demonstrated a previously unattainable level of
interoperability between multiple hardware and software vendor solutions.
As a result of this interoperability, secure networked communication among
different vendors' security solutions is now possible, allowing for the safe
transmission of critical data over the ANX and other TCP/IP -- Transmission
Control Protocol/Internet Protocol -- networks.
    "The IPSec standards addresses the long-standing concern of the lack of
security in TCP/IP," says Robert Moskowitz, chair of the AIAG's ANX Security
Work Group and co-chair of the Internet Engineering Task Force (IETF) IPSec
workgroup.  "It supplies the proper critical security components for all
TCP/IP networks; public or private."
    The AIAG's Telecommunications Project Team (TPT), which is currently in
the process of designing and implementing the ANX with Bell Communications
Research (Bellcore/SAIC) is mandating the latest in IP Security measures be
used for its ANX Secure IP Business Network service.  The ANX is a TCP/IP
based Virtual Private Network service designed to meet the automotive
industry's requirements in the service quality areas of performance,
reliability, administration/management, and security.
     "Several AIAG member companies representing corporate internetworking
interests assisted in the interoperability tests," said Karl E. Schohl, ANX
Business Manager.  "These companies have a vested interest in the success of
the ANX network -- of which security is a critical component.  The ANX will
allow companies to extend their corporate internets to their trading partners
via the ANX's IPSec-enabled Virtual Private Networking (VPN) capability."
   Three IP Security Interoperability Testing Workshops were held earlier this
year to test IPSec on a limited scale.  The seminars were hosted by networkMCI
in February, FTP Software in March and Lawrence Technological University in
June.
    "The ANX requires interoperability among software and hardware vendors'
standards-based security implementations, and these vendors were appreciative
of the opportunity to test their latest software/hardware versions with their
peers." added Schohl.
    "With the completion of the fourth AIAG-facilitated IP Security
Interoperability Testing Workshop, the ANX is poised for ANX Production
rollout in early 1998," Moskowitz said.  "In addition, discussions among
security vendors to facilitate further interoperability testing for future
refinements of IPSec have occurred."

    IPSec Background

    IPSec defines a set of standard security protocols that authenticate
TCP/IP connections, add data confidentiality and integrity to TCP/IP packets,
and are transparent to the application and the underlying network
infrastructure.  IPSec is designed to support multiple encryption and
authentication protocols so a company's security policy can dictate a desired
amount of data privacy and authentication.
    IPSec enables the realization of secure virtual private networking (VPN),
a relatively inexpensive and secure way to connect mobile workers,
telecommuters and branch offices to a corporate site over any TCP/IP network.
      The IPSec security standard was specifically designed to enable multi-
vendor interoperability.  IPSec's flexible key management scheme, ISAKMP
(Internet Security Association Key Management Protocol), allows two parties to
automatically and transparently agree on the session's security association
based on keys (Oakley), encryption, authentication algorithms, and other
parameters before any communications take place.
    In order to avoid confusion during testing, the security workgroup of
AIAG's TPT specified the version of the IP Security specifications for the
workshop.  Focusing on a specific set of currently available
drafts/specifications gave the vendors a distinct and achievable target to
shoot for during the interoperability workshops.
    Late in 1996, the AIAG's TPT -- Security Workgroup adopted the
Oakley/ISAKMP standard developed by the IETF's IPSec Workgroup.  The target is
the planned IP Security standard with which ANX Release 1.0 will pilot.  As
the IP Security standard evolves, the AIAG TPT will decide when and if the
stringent ANX specifications will change to reflect the standards.
    "The Oakley/ISAKMP technology compliments IPSec by supporting complex
multi-trust environments like those found in the automotive industry,"
Moskowitz said.  "This is why the AIAG is standardizing on IPSec with
Oakley/ISAKMP for all inter-trading partner communications."

    About the Participants

    AIAG member companies participating in the workshop included: Bellcore,
Chrysler Corp., Dana Corp.,  Dofasco Inc., Electronic Data Systems, General
Motors Corp., Netrex and PACCAR.
    Firewall vendors participating in the Interoperability Tests included:
Checkpoint Software Technologies, Ltd.; IBM*; Raptor Systems Inc.; Rainbow
Technology; SSH Communications Security; TimeStep Corp.; Trusted Information
Systems, Inc.; and Secure Computing Canada Ltd.
    End User Software Vendors participating in interoperability testing
included: AltaVista Internet Software; Frontier Technologies Corp.; Hewlett
Packard; Information Resource Engineering Inc.; Isolation Systems Ltd.;
Microsoft Corp.; and Redcreek.
    Hardware Vendors participating in interoperability testing included:
Ascend Communications; Cisco Systems Inc.; Cylan Technologies Inc.; Cylink
Corp.; Radguard Ltd.; Semaphore Communications Corp.; and VPNet Technologies
Inc.
    Security Systems Vendors participating in interoperability testing
included: Entrust Technologies Inc.; Intel Architecture Labs; Linux FreeS/WAN
Project; and Mentat.
    Several companies participated in the workshop as technology observers,
including: AT&T, Bay Networks, Daydreamer, and Toshiba.
    Founded in 1982, AIAG is a not-for-profit trade association of 1,300+
North American automotive and truck manufacturers and their suppliers.
Originally recognized for its efforts to standardize electronic data
interchange (EDI) and bar code standards to assist Tier One suppliers, AIAG's
mission has expanded to cover all levels of the OEM supply chain, as well as
to include numerous programs and initiatives aimed at improving its members'
productivity and quality.  More information about AIAG and the ANX can be
 found at http://www.aiag.org.

SOURCE  Automotive Industry Action Group