Secure remote access from office to home

Author

Kara, Atsushi

Author_Institution

Aizu Univ., Fukushima, Japan

Volume

39

Issue

10

fYear

2001

fDate

10/1/2001 12:00:00 AM

Firstpage

68

Lastpage

72

Abstract

When accessing IP-ready appliances at home from a remote site, security is a major concern. We address the seemingly common scenario of accessing IP-ready appliances behind a home firewall from a remote PC within a corporate intranet. The scenario reveals the complex nature of secure remote access. Various IP tunneling technologies can provide secure remote access without sacrificing the ubiquitous accessibility of the Internet; however, the problem of multiple authentication processes is evident in the framework. Digital certificate technology can simplify the authentication process required to establish multiple IP tunnels. However, IP tunneling technologies do not scale well, and become infeasible if the number of firewalls to traverse increases. Scalability and end-to-end security requirements call for the deployment of authenticated firewall traversal methods that use minimal or no IP tunnels. This article describes a meet-in-the-middle network model as a simple and practical method

Keywords

Internet; authorisation; home computing; intranets; message authentication; microcomputer applications; telecommunication security; transport protocols; IP tunneling technologies; IP-ready appliance access; Internet; authenticated firewall traversal methods; corporate intranet; digital certificate technology; home firewall; meet-in-the-middle network model; multiple IP tunnels; multiple authentication; remote PC; secure remote access; security requirements scalability; Authentication; Electrostatic precipitators; Home appliances; Internet; Network address translation; Payloads; Protection; Security; TCPIP; Tunneling;

fLanguage

English

Journal_Title

Communications Magazine, IEEE

Publisher

ieee

ISSN

0163-6804

Type

jour

DOI

10.1109/35.956115

Filename

956115