Remote access VPN with port protection function by mobile codes

Abstract

Concern about SSL VPN technology as a class of VPNs has been growing recently because a key advantage of SSL VPN is that it requires no specialized client software. When a user requests access to a server, the SSL client module, a Java applet code, is downloaded into the host first. However, it is quite likely that not all applications run well because a client can not connect with a server through an HTTPS tunnel in some applications. This study proposes a remote access VPN architecture that allows any application to use the VPN. The proposed VPN uses the same Java applet as existing SSL VPNs, but the function of the applet, which we call mobile code, is changed dynamically by Java Remote Method Invocation (RMI). The VPN client applet can cooperate with a VPN server and a firewall in server side. As a result, the proposed VPN has strength against Denial of Service (DoS) attacks. © Springer-Verlag 2004.