[dipl] Perustieteiden korkeakoulu / SCI
Permanent URI for this collectionhttps://aaltodoc.aalto.fi/handle/123456789/21
Browse
Browsing [dipl] Perustieteiden korkeakoulu / SCI by Subject ""Zero-click" user experience"
Now showing 1 - 1 of 1
- Results Per Page
- Sort Options
- Feasibility Study on WLAN-3GPP Mobile VPN Tunnel
School of Science | Master's thesis(2010) Nie, CongNowadays, remote access VPN has been widely used in remote work environments. For the authentication security issues of this VPN, a hardware token is always employed to provide authentication information to the end-user. However, the usability of this hardware-token solution cannot satisfy all the users when the token cannot be easily found, or the connection to the authentication server is not available. In fact, the usability of the VPN authentication can be significantly improved when utilizing a popular smart card: SIM card. By using a SIM card, the whole authentication process can be kept silent. It enables a 'zero-click' user experience for the VPN authentication process. In the current research, a variety of discussions have been made to define the mechanism for authenticating by a telecommunications network using SIM-based authentication. After a successful authentication, the services provided by the telecommunications network can be protected by the VPN tunnel between the client and the gateway in the telecommunications network. However, no research has been done when a service is trying to use this VPN tunnel from an outer environment, such as from an enterprise intranet. To fill this blank, this thesis aims to provide professional enterprise-oriented VPN access with a 'zero-click' feature by using SIM-based authentication. This thesis proposes three authentication architectures: agent mode, push mode, and push mode to work with both IPSec and SSL VPNs. The advantages and disadvantages are discussed in detail. As this thesis is a feasibility study, all the authentication sequence flows for each solution are provided after the discussion sections. As a conclusion, the pull mode is the chosen solution for this thesis. Meanwhile, IPSec VPN is recommended for a quick and market-focused solution, while SSL VPN is a more promising solution with greater flexibility and lower implementation costs.