A Security Pattern for a Virtual Private Network - PowerPoint PPT Presentation

Provided by: ajoyk
Slides: 20
Learn more at: http://www.cse.fau.edu

Transcript and Presenter's Notes

1
A Security Pattern for a Virtual Private Network
  • Ajoy Kumar and Eduardo B. Fernandez
  • Dept. of Computer Science and Eng.
  • Florida Atlantic University
  • Boca Raton, FL, USA

Secure Systems Research Group Florida Atlantic University
2
Introduction
  • Virtual Private Networks (VPNs) make use of public
    network resources to access internal nodes of an
    enterprise. Within the VPN, transmission is
    protected by security mechanisms that provide
    confidentiality and integrity, so a private
    network is established. Since this network exists
    only in a virtual sense, it is termed a virtual
    private network.

3
VPN
  • A VPN uses a technique called tunneling, in which
    data is transmitted across a public network inside
    a cryptographic tunnel that simulates an end-to-end
    connection. Both ends of the tunnel may be private
    networks, or one end may be private with the other
    end on the public network.

4
VPN
(Figure labels) R1: Router at Site A. R2: Router at Site B.
5
Figure 2. Network Layers and Patterns

Layer        Firewall    IDS         VPN          Protocol
Application  XML FW      XML IDS     XML VPN      SAML
TCP          Proxy FW    TCP IDS     TLS/SSL VPN  TLS
IP           Packet FW   Packet IDS  IPSec VPN    IPSec

(Cross-cutting concerns marked on the figure: Authentication,
Secrecy, Authorization, Identification.)
6
  • Pattern Diagram for VPN
    (Figure; nodes shown: VPN, TLS VPN, IP VPN, XML VPN,
    TLS, IPSec, Secure Channel, Authentication.)
7
Problem
  • In today's world, a lot of people work remotely.
    They need a secure connection to their company
    network. We need to develop a secure architecture
    so that confidential work can be performed. Many
    companies have offices distributed all over the
    globe. The employees of such companies need to
    communicate securely.

8
Forces
  • The number of remotely connected users may grow,
    so the system should be scalable.
  • The system should be flexible enough to
    accommodate different ways of providing security.
  • We should restrict access to the system to
    authorized users only.
  • We need to use the Internet or public networks to
    reduce cost, which in turn subjects the private
    network established within the public network to
    the numerous threats faced by public networks,
    such as Denial of Service and other attacks.

9
Solution
  • A secure VPN connection is established between
    the end user and the local network: a
    cryptographic tunnel is set up between the two.
    This VPN tunnel may provide data integrity and
    confidentiality if properly implemented. The
    network is able to authenticate a user accessing
    an end point.

10
Class Diagram
(Figure; classes shown: Network, VPN, Network End Point,
Authenticator, Secure Channel, Identity Base, Identity;
the associations shown carry multiplicity 1.)
11
Sequence Diagram
12
Variants
  • Virtual Private Networks can be established at
    the Application layer, the TCP layer or the IP
    layer. XML VPNs are established at the Application
    layer, TLS VPNs at the TCP layer and IP VPNs at
    the IP layer.

13
Known Uses
  • Citrix provides a site-to-site SSL VPN connection
    for remote users to log into the secure network
    as well as access applications on the company
    (secure) network. [Cit]
  • Cisco VPN, on the other hand, uses an IPSec VPN.
    [Cis]
  • Nokia VPN provides VPN connections for Nokia
    mobile users. [Nok]

14
Advantages
  • Users are authenticated by the system to control
    their access to the VPN.
  • We could add a logging system for the users
    logging in at the end points for future audits.
  • If we use secure encryption, we can provide data
    confidentiality and integrity for the messages
    sent through the VPN.

15
Disadvantages
  • If the VPN connection is compromised, the
    attacker could get full access to the internal
    network.
  • Because of encryption, VPN traffic is invisible
    to IDS monitoring. If the IDS probe is outside
    the VPN server, as is often the case, then the
    IDS cannot see the traffic within the VPN tunnel.
    Therefore if a hacker gains access to the VPN, he
    can attack the internal systems without being
    detected by the IDS.
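
An added example, not part of the slides, modelling the Authenticator, Identity Base and Secure Channel classes of the class diagram together with the IDS placement problem above: an IDS probe outside the VPN server inspects only ciphertext, while a probe placed after the VPN server decrypts sees the cleartext. All names, the SHA-256 counter-mode keystream (an illustrative stand-in for TLS/IPSec), the sample credentials and the IDS signature are constructed assumptions.

```python
import hashlib
import hmac
import os

class IdentityBase:
    """Identity store: user -> (salt, PBKDF2 hash). Sample users are constructed."""
    def __init__(self):
        self._users = {}
    def add(self, user, password):
        salt = os.urandom(16)
        self._users[user] = (salt, self._digest(password, salt))
    def verify(self, user, password):
        rec = self._users.get(user)
        return rec is not None and hmac.compare_digest(rec[1], self._digest(password, rec[0]))
    @staticmethod
    def _digest(password, salt):
        return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

class SecureChannel:
    """Encrypt-then-MAC tunnel. The SHA-256 counter-mode keystream is an illustrative
    stand-in for a real cipher; a deployed VPN uses TLS or IPSec instead."""
    def __init__(self, key):
        self.enc_key = hashlib.sha256(b"enc|" + key).digest()
        self.mac_key = hashlib.sha256(b"mac|" + key).digest()
    def _keystream(self, nonce, n):
        return b"".join(hashlib.sha256(self.enc_key + nonce + i.to_bytes(4, "big")).digest()
                        for i in range((n + 31) // 32))[:n]
    def seal(self, plaintext):
        nonce = os.urandom(12)
        ct = bytes(a ^ b for a, b in zip(plaintext, self._keystream(nonce, len(plaintext))))
        return nonce + ct + hmac.new(self.mac_key, nonce + ct, "sha256").digest()
    def open(self, packet):
        nonce, ct, tag = packet[:12], packet[12:-32], packet[-32:]
        if not hmac.compare_digest(tag, hmac.new(self.mac_key, nonce + ct, "sha256").digest()):
            raise ValueError("integrity check failed: packet dropped")  # tampered or forged
        return bytes(a ^ b for a, b in zip(ct, self._keystream(nonce, len(ct))))

def ids_alert(traffic, signature=b"EVIL-SIGNATURE"):
    """Toy IDS rule: alert when a known signature appears in what the probe can see."""
    return signature in traffic

def vpn_session(idb, user, password, payload, tunnel_key):
    """Network end point: authenticate, then carry payload through the tunnel.
    Returns (alert from a probe outside the VPN server, alert from a probe after decryption)."""
    if not idb.verify(user, password):
        raise PermissionError("authentication failed")  # Authenticator rejects the user
    chan = SecureChannel(tunnel_key)
    packet = chan.seal(payload)                         # what the public network carries
    return ids_alert(packet), ids_alert(chan.open(packet))
```

A packet altered in transit fails the HMAC check and is dropped, which is the integrity property the Solution slide conditions on; the outside probe never alerts because it only ever sees the sealed packet.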

16
Disadvantages (Contd)
  • In the case of a VPN with a private end user, the
    remote computer used by that user is vulnerable to
    outside attacks, which in turn can be used to
    attack the network it is connected to.
  • The VPN tunnel is only as strong as the
    cryptographic protocol used.

17
Related Patterns
  • Firewalls can be added at each network layer to
    make that layer more secure. [Fer03]
  • IDS can also coexist at each of these network
    layers to detect attacks. [Fer05]
  • Secure Channel and Authenticator establish the
    security mechanisms.

18
Conclusions
  • A VPN is a basic component in network
    architectures. We presented here a pattern for
    its architecture and security properties. Future
    work will integrate this pattern with other
    patterns shown in Figure 3.

19
Q &amp; A
  • Suggestions
  • Modifications
  • Corrections
