Academic Commons

Articles

Designing an Embedded Firewall/VPN Gateway

Prevelakis, Vassilis; Keromytis, Angelos D.

The widespread use of mobile computing and telecommuting has increased the need for effective protection of computing platforms. Traditional schemes that involve strengthening the security of individual systems, or the use of firewalls at network entry points have difficulty accommodating the special requirements of remote and mobile users. We propose the use of a special purpose drop-in firewall/VPN gateway called Sieve, that can be inserted between the mobile workstation and the network to provide individualized security services for that particular station. Sieve is meant to be used like an external modem: the user only needs to plug it in. Its existence is transparent to the user, requiring no modification to the workstation configuration. To function in this role, Sieve has been designed to be compact, low-cost, requiring little administration or maintenance. In this paper, we discuss the features and advantages of our system. We demonstrate how Sieve was used in various application areas (home, university environment, etc.) and describe our future plans.

Subjects

Files

Also Published In

Title
Papers from the Third International Network Conference 2002, 16-18 July 2002, Plymouth, UK
Publisher
Emerald Group Pub.

More About This Work

Academic Units
Computer Science
Published Here
July 9, 2012
Academic Commons provides global access to research and scholarship produced at Columbia University, Barnard College, Teachers College, Union Theological Seminary and Jewish Theological Seminary. Academic Commons is managed by the Columbia University Libraries.