Host Identity Protocol (HIP) is a standard network security protocol that was born from over 20 years of development, testing, and deployment in coordination with companies such as Ericsson, Nokia, and Verizon, as well as standards bodies such as the Trusted Computing Group and IEEE 802, before being officially ratified in 2015 by the Internet Engineering Task Force (IETF).
HIP was first deployed in the defense and aerospace industries as a cost-efficient and scalable solution to address growing network threats and has been in use for over 10 years in environments where downtime is exceedingly costly.
HIP separates the two roles that an IP address traditionally plays: host identity and location. It enables us to define network trust relationships by identity at the device level, while traditional IP addressing continues to provide location across the Internet. The separation of location and identity eliminates much of the complexity and constraints that make secure networking impossible. It makes direct device-to-device connections possible, no matter where the devices are located, enabling borderless networking. HIP allows us to transition from address-defined networking to identity-defined networking.
IP addresses became ephemeral in nature, yet we did nothing to address that TCP/IP fate-shares with those IP addresses. That was one of the key things that we brought in with HIP. We did that decoupling. We made it so that now the application in the TCP is the HIT (Host Identity Tag), not the actual address of the interface.
Bob Moskowitz, Father of the Host Identity Protocol
No doubt about it – this Hall of Famer (Tempered Networks) took the open source HIP and turned it into what may become the most important security innovation since encryption itself became mainstream in cyberspace.
Peter Stephenson, Lab Director and Technology Editor, SC Magazine
The IDN solution should pay big dividends for organizations looking to simplify cloud networking. Doing something such as peering Amazon Web Services (AWS) and Microsoft Azure at the network edge is not easy and requires hundreds of configuration steps to resolve IP addressing conflicts and peering challenges. Because HIP uses identity for network connectivity, cloud instances can be directly connected to other instances that can traverse the AWS or Azure edges.
Zeus Kerravala, Principal Analyst, ZK Research