External authentication approach for virtual private network using LDAP

For protecting the sensitive data from the hackers while transmitting the data OSI model provides security mechanism such as Internet Protocol Security (IPSec) in network layer and Socket Secured Layer (SSL) in transport layer etc. In the data link layer Point to Point Tunneling Protocol (PPTP), which is used to make secure tunnel for exchanging information, is one way to implement the so called VIRTUAL PRIVATE NETWORK (VPN). To enhance the security and reliability of VPN a strong authentication mechanism is required on top of the traditional username and password authentication credentials [1]. In this paper an honest attempt is made to propose procedures to create platform independent two step authentication process in PPTP VPN which is also referred to as External Database Authentication. The advantage of this approach is that user information is stored in a dedicated authentication server which can have a large pool of organized, directory-based user data along with greater robustness and security. Hence this approach proposes to extend the functionality of Lightweight Directory Access Protocol (LDAP) server being located in an organization´s LAN, in order to strengthen the authentication process of PPTP VPN.