TY - CHAP
T1 - New approach for configuring hierarchical virtual private networks using proxy gateways
AU - Ishibashi, Hayato
AU - Okayama, Kiyohiko
AU - Yamai, Nariyoshi
AU - Abe, Kota
AU - Matsuura, Toshio
PY - 2003
Y1 - 2003
N2 - VPN is one of key technologies on the Internet that allows users to access securely to resources in a domain via unsecure networks. For hierarchically nested security domains, such as an R&D division domain in a corporate domain, In such organizations, some existing VPN schemes with multiple security gateway traversal function is applicable for a user to access to the innermost security domain from the Internet. However, most of existing schemes have some drawbacks in terms of security, efficiency and availability. In this paper, we propose a new way to remedy these shortcomings using proxy gateways. The proposed method connects two deeply embedded security domains by a series of virtual paths to create a single VPN link; and by incorporating a proxy gateway to accommodate communication between clients and the security gateway, this permits secure and highly efficient communications without modifying the client or server.
AB - VPN is one of key technologies on the Internet that allows users to access securely to resources in a domain via unsecure networks. For hierarchically nested security domains, such as an R&D division domain in a corporate domain, In such organizations, some existing VPN schemes with multiple security gateway traversal function is applicable for a user to access to the innermost security domain from the Internet. However, most of existing schemes have some drawbacks in terms of security, efficiency and availability. In this paper, we propose a new way to remedy these shortcomings using proxy gateways. The proposed method connects two deeply embedded security domains by a series of virtual paths to create a single VPN link; and by incorporating a proxy gateway to accommodate communication between clients and the security gateway, this permits secure and highly efficient communications without modifying the client or server.
UR - http://www.scopus.com/inward/record.url?scp=35248820152&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=35248820152&partnerID=8YFLogxK
U2 - 10.1007/978-3-540-45235-5_76
DO - 10.1007/978-3-540-45235-5_76
M3 - Chapter
AN - SCOPUS:35248820152
T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
SP - 772
EP - 782
BT - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
A2 - Kahng, Hyun-Kook
PB - Springer Verlag
ER -