Title: A Security Pattern for a Virtual Private Network
- Ajoy Kumar and Eduardo B. Fernandez
- Dept. of Computer Science and Eng.
- Florida Atlantic University
- Boca Raton, FL, USA
Secure Systems Research Group Florida Atlantic University
Introduction
- Virtual Private Networks (VPNs) make use of public network resources to reach internal nodes of an enterprise. Within the VPN, the transmission is protected by security mechanisms that provide confidentiality and integrity, so a private network is established over the public one. Since this network exists only in a virtual sense, it has been termed a virtual private network.
VPN
- A VPN uses a technique called tunneling, in which data is transmitted across a public network inside a cryptographic tunnel that simulates an end-to-end connection. Both ends may be private, or one end may be private with the other end in the public domain.
VPN
(Figure: site-to-site VPN. R1 is the router at Site A; R2 is the router at Site B.)
Figure 2. Network Layers and Patterns
(Security properties across the top of the figure: Authentication, Secrecy, Authorization, Identification.)

Layer         Firewall     IDS          VPN           Protocol
Application   XML FW       XML IDS      XML VPN       SAML
TCP           Proxy FW     TCP IDS      TLS/SSL VPN   TLS
IP            Packet FW    Packet IDS   IPSec VPN     IPSec
VPN
(Diagram: the VPN variants TLS VPN, IP VPN and XML VPN; the underlying protocols TLS and IPSec; and the related patterns Secure Channel and Authentication.)
Problem
- In today's world, many people work remotely. They need a secure connection to their company network, so we need to develop a secure architecture in which confidential work can be performed. Many companies have offices distributed all over the globe, and the employees of such companies need to communicate securely.
Forces
- The number of remotely connected users may be growing, so the system should be scalable.
- The system should be flexible enough to accommodate different ways of providing security.
- We should restrict access to the system to authorized users only.
- We need to use the Internet or other public networks to reduce cost, which in turn subjects the private network established within the public network to the numerous threats faced by public networks, such as Denial of Service and other attacks.
Solution
- A secure VPN connection is established between the end user and the local network: a cryptographic tunnel is set up between the two. This VPN tunnel may provide data integrity and confidentiality if properly implemented. The network is able to authenticate a user accessing an end point.
Class Diagram
(Diagram: classes Network, VPN, Network End Point, Authenticator, Secure Channel, Identity Base and Identity; the associations shown carry multiplicity 1.)
Sequence Diagram
Variants
- Virtual Private Networks can be established at the Application layer, the IP layer or the TCP layer. XML VPNs are established at the application layer, IP VPNs at the IP layer, and TLS VPNs at the TCP layer.
Known Uses
- Citrix provides a site-to-site SSL VPN connection for remote users to log into the secure network as well as to access applications on the company (secure) network. [Cit]
- Cisco VPN, on the other hand, uses an IPSec VPN. [Cis]
- Nokia VPN provides VPN connections for Nokia Mobile users. [Nok]
Advantages
- Users are authenticated by the system to control their access to the VPN.
- We could add a logging system for the users logging in at the end points, for future audits.
- If we use secure encryption, we can provide data confidentiality and integrity for the messages sent through the VPN.
Disadvantages
- If the VPN connection is compromised, the attacker could get full access to the internal network.
- Because of encryption, VPN traffic is invisible to IDS monitoring. If the IDS probe is outside the VPN server, as is often the case, then the IDS cannot see the traffic within the VPN tunnel. Therefore, if an attacker gains access to the VPN, he can attack the internal systems without being detected by the IDS.
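As an added illustration, not code from the paper, the following Python model ties together the Solution and Class Diagram slides (an Authenticator checks the Identity Base, then the VPN opens a Secure Channel) and the IDS-placement disadvantage above: the same signature probe is run on the tunnel bytes seen outside the VPN server and on the decrypted payload seen on the internal network. The HMAC-SHA256 encrypt-then-MAC stream, the signature string and the user record are constructed stand-ins for TLS/IPSec, a real IDS rule set and a real identity store.

```python
import hashlib, hmac, os

SIGNATURE = b"DROP TABLE"  # constructed IDS rule, stands in for a real rule set

class IdentityBase:
    """Identity Base: salted PBKDF2 password hashes, one per identity."""
    def __init__(self):
        self._users = {}
    @staticmethod
    def _digest(password, salt):
        return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)
    def add(self, identity, password):
        salt = os.urandom(16)
        self._users[identity] = (salt, self._digest(password, salt))
    def verify(self, identity, password):  # the Authenticator's check
        rec = self._users.get(identity)
        return rec is not None and hmac.compare_digest(rec[1], self._digest(password, rec[0]))

class SecureChannel:
    """Secure Channel stand-in: HMAC-SHA256 keystream, then HMAC-SHA256 tag (encrypt-then-MAC)."""
    def __init__(self, key):
        self.enc_key = hmac.new(key, b"enc", "sha256").digest()
        self.mac_key = hmac.new(key, b"mac", "sha256").digest()
    def _keystream(self, nonce, n):
        blocks = [hmac.new(self.enc_key, nonce + i.to_bytes(4, "big"), "sha256").digest()
                  for i in range(n // 32 + 1)]
        return b"".join(blocks)[:n]
    def seal(self, plaintext):
        nonce = os.urandom(16)  # fresh per packet so keystream never repeats
        ct = bytes(a ^ b for a, b in zip(plaintext, self._keystream(nonce, len(plaintext))))
        return nonce + ct + hmac.new(self.mac_key, nonce + ct, "sha256").digest()
    def open(self, packet):
        nonce, ct, tag = packet[:16], packet[16:-32], packet[-32:]
        if not hmac.compare_digest(tag, hmac.new(self.mac_key, nonce + ct, "sha256").digest()):
            raise ValueError("integrity check failed")  # tampered or truncated packet
        return bytes(a ^ b for a, b in zip(ct, self._keystream(nonce, len(ct))))

def ids_probe(payload):
    """Signature IDS: alerts only if the rule matches the bytes it can actually see."""
    return SIGNATURE in payload

def vpn_session(idb, identity, password, key, message):
    """Authenticate at the end point, tunnel one message, report each probe's verdict."""
    if not idb.verify(identity, password):
        return {"authenticated": False}
    chan = SecureChannel(key)
    packet = chan.seal(message)  # bytes on the public network (probe outside the VPN server)
    inner = chan.open(packet)    # bytes after the VPN server (probe on the internal network)
    return {"authenticated": True, "outside_probe_alert": ids_probe(packet),
            "inside_probe_alert": ids_probe(inner)}
```

The outside probe never alerts on the tunneled payload, which is why the deck recommends placing the IDS where the decrypted traffic is visible.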
Disadvantages (Contd)
- In the case of a VPN with a private end user, the remote computer used by the private user is vulnerable to outside attacks, which in turn can be used to attack the network it is connected to.
- The VPN tunnel is only as strong as the cryptographic protocol used.
Related Patterns
- Firewalls can be added at each network layer to make that layer more secure. [Fer03]
- IDS can also coexist at each of these network layers to detect attacks. [Fer05]
- Secure Channel and Authenticator establish the security mechanisms.
Conclusions
- A VPN is a basic component in network architectures. We presented here a pattern for its architecture and security properties. Future work will integrate this pattern with the other patterns shown in Figure 3.
Q & A
- Suggestions
- Modifications
- Corrections