Next Previous Contents

2. Theory

To begin, I will attempt to lay out the problem a little more thoroughly and give the theory behind the prototype.

In the case of the Institution, there is a set of machines that are behind a very robust firewall. This firewall allows VERY little to go through. As far as connecting out to the Internet, many things, including access to HTTP, FTP, secure shell, etc., are allowed. As far as connecting in, none of those are allowed.

You can imagine the firewall as a set of machines on the edge of our internal network. There is a lot of unsecured traffic within our internal network, which has both private networks and internet addressed clients within it. To be allowed to do any of the things that require a connection INTO the network from the Internet, a server allowing the connection must be on the periphery of the network (i.e. part of the firewall).

The desire has been to be able to access the internal network sufficiently to do work from home (on par with doing work in the office), but without opening up the firewall such that our unsecured traffic would be exposed to the Internet. There is also sensitive, internal data within the internal network that can be accessed, that should neither be copied to the home machine (laptop, etc.) nor printed at the home machine.

So the question becomes: how do you allow enough access to give certain people the ability to do their jobs from home and still protect the sensitive information and the network as a whole? Other security considerations that came up were:

The answer that came to my mind was to give the users a boot CD that they could place in a machine (whether at Uncle Joe's, their own house, or the internet cafe at the airport) and use to boot into their internal work desktop. The theory is that connecting to a server on the periphery of the network, which then gives them access to their desktop, is at least as secure as if they had accessed the network from their internal desktop, and that a great deal of control can be exercised over when and how that access is granted. Being a boot CD, no on-site OS configuration will be required, nor will extra precautions concerning malware, spy-ware, or viruses need to be taken. In the next section, Technologies, I will examine some of the ways this can be implemented, and in the Implementation section I will explain how we actually did it.

Next Previous Contents