Secure Remote Access to an Internal Web Server

Author(s): Christian Gilmore , David Kormann, Avi Rubin

Download: Paper (PDF)

Date: 4 Feb 1999

Document Type: Reports

Additional Documents: Slides

Associated Event: NDSS Symposium 1999

Abstract:

We address the problem of secure remote access to a site’s internal web server from outside the rewall. The goal is to give authorized users access to sensitive information, while protecting the information from others. We implemented our solution using a one-time password scheme for client authentication and SSL for condentiality. Our main design considerations were security, performance, ease of use, availability, and scale. We were further constrained by the desire to leave our rewall and local infrastructure unchanged.