search query: @keyword VPN / total: 66
reference: 13 / 66
Author: | Nie, Cong |
Title: | Feasibility Study on WLAN-3GPP Mobile VPN Tunnel |
Publication type: | Master's thesis |
Publication year: | 2010 |
Pages: | [10] + 61 Language: eng |
Department/School: | Informaatio- ja luonnontieteiden tiedekunta |
Main subject: | Tietokoneverkot (T-110) |
Supervisor: | Gurtov, Andrei |
Instructor: | Cuny, Renaud |
OEVS: | Electronic archive copy is available via Aalto Thesis Database.
Instructions Reading digital theses in the closed network of the Aalto University Harald Herlin Learning CentreIn the closed network of Learning Centre you can read digital and digitized theses not available in the open network. The Learning Centre contact details and opening hours: https://learningcentre.aalto.fi/en/harald-herlin-learning-centre/ You can read theses on the Learning Centre customer computers, which are available on all floors.
Logging on to the customer computers
Opening a thesis
Reading the thesis
Printing the thesis
|
Location: | P1 Ark Aalto | Archive |
Keywords: | VPN SIM-based authentication "Zero-click" user experience |
Abstract (eng): | Nowadays, remote access VPN has been widely used in remote work environments. For the authentication security issues of this VPN, a hardware token is always employed to provide authentication information to the end-user. However, the usability of this hardware-token solution cannot satisfy all the users when the token cannot be easily found, or the connection to the authentication server is not available. In fact, the usability of the VPN authentication can be significantly improved when utilizing a popular smart card: SIM card. By using a SIM card, the whole authentication process can be kept silent. It enables a 'zero-click' user experience for the VPN authentication process. In the current research, a variety of discussions have been made to define the mechanism for authenticating by a telecommunications network using SIM-based authentication. After a successful authentication, the services provided by the telecommunications network can be protected by the VPN tunnel between the client and the gateway in the telecommunications network. However, no research has been done when a service is trying to use this VPN tunnel from an outer environment, such as from an enterprise intranet. To fill this blank, this thesis aims to provide professional enterprise-oriented VPN access with a 'zero-click' feature by using SIM-based authentication. This thesis proposes three authentication architectures: agent mode, push mode, and push mode to work with both IPSec and SSL VPNs. The advantages and disadvantages are discussed in detail. As this thesis is a feasibility study, all the authentication sequence flows for each solution are provided after the discussion sections. As a conclusion, the pull mode is the chosen solution for this thesis. Meanwhile, IPSec VPN is recommended for a quick and market-focused solution, while SSL VPN is a more promising solution with greater flexibility and lower implementation costs. |
ED: | 2010-08-30 |
INSSI record number: 40326
+ add basket
INSSI