Secure Remote Access to an Internal Web Server
Download: Paper (PDF)
Date: 4 Feb 1999
Document Type: Reports
Additional Documents: Slides
Associated Event: NDSS Symposium 1999
We address the problem of secure remote access to a site’s internal web server from outside the rewall. The goal is to give authorized users access to sensitive information, while protecting the information from others. We implemented our solution using a one-time password scheme for client authentication and SSL for condentiality. Our main design considerations were security, performance, ease of use, availability, and scale. We were further constrained by the desire to leave our rewall and local infrastructure unchanged.