Title :
Secure remote access from office to home
Author_Institution :
Aizu Univ., Fukushima, Japan
Date :
10/1/2001 12:00:00 AM
Abstract :
When accessing IP-ready appliances at home from a remote site, security is a major concern. We address the seemingly common scenario of accessing IP-ready appliances behind a home firewall from a remote PC within a corporate intranet. The scenario reveals the complex nature of secure remote access. Various IP tunneling technologies can provide secure remote access without sacrificing the ubiquitous accessibility of the Internet; however, the problem of multiple authentication processes is evident in the framework. Digital certificate technology can simplify the authentication process required to establish multiple IP tunnels. However, IP tunneling technologies do not scale well, and become infeasible if the number of firewalls to traverse increases. Scalability and end-to-end security requirements call for the deployment of authenticated firewall traversal methods that use minimal or no IP tunnels. This article describes a meet-in-the-middle network model as a simple and practical method
Keywords :
Internet; authorisation; home computing; intranets; message authentication; microcomputer applications; telecommunication security; transport protocols; IP tunneling technologies; IP-ready appliance access; Internet; authenticated firewall traversal methods; corporate intranet; digital certificate technology; home firewall; meet-in-the-middle network model; multiple IP tunnels; multiple authentication; remote PC; secure remote access; security requirements scalability; Authentication; Electrostatic precipitators; Home appliances; Internet; Network address translation; Payloads; Protection; Security; TCPIP; Tunneling;
Journal_Title :
Communications Magazine, IEEE