Proposal of a security model for VPNs in the interconnection of corporate networks

AUTHOR(S)
PUBLICATION DATE

2004

ABSTRACT

A Virtual Private Network (VPN) is a protected connection, built for the private use of an enterprise, over a shared public network. A VPN uses security protocols, cryptographic technologies and authentication to give the characteristics of a private, dedicated network to enterprises that use an untrusted infrastructure, such as the Internet, to interconnect their networks or to connect remote users to them. Corporations interested in this technology must therefore be concerned with the security aspects involved in interconnecting their networks through an untrusted infrastructure. In general, few references treat this question completely; they are often restricted to isolated contexts, without concern for adopting other security mechanisms that can be combined with a VPN infrastructure to provide greater security at the external perimeter of a corporate network. This work investigated a question highly relevant to the current scene: the use of VPNs to interconnect corporate networks through an untrusted environment, the Internet, which already has an infrastructure in place with great availability and scalability. Currently, companies all over the world want to use the Internet's infrastructure to connect their corporate networks (intranets) and also those of their business partners (extranets). They are thus looking for a viable, low-cost alternative that can contribute significant reductions in the cost of leasing private data circuits. At the same time, however, they want a solution that increases the security of their business information. In this work we therefore present a study of the security aspects involved in the construction, maintenance and use of Virtual Private Networks between corporate networks.
Besides developing the conceptual base on which a VPN architecture is established, the work details the elements of this structure, as well as the security services that must be combined with VPN gateways to increase the security of the external perimeter of a corporate network that uses the Internet, an untrusted network, to establish VPN connections. To that end, security models are considered whose purpose is to establish a topology that can guarantee an acceptable level of security for VPNs, so that the elements and security services already existing in corporate networks can be added, making it possible to build a defense-in-depth security architecture. We accordingly studied many ways of positioning elements and security services in the use of VPNs, to make possible the analysis and construction of topologies suited to the needs of each company. The proposal of a VPN combined with services that provide security in depth is intended to hinder attacks and threats that could compromise the integrity, secrecy, authenticity and availability of a company's information. As a consequence, we also carry out a case study that aims to develop a security model for the Official Social Security network of Brazil, which will have to be submitted to its management for evaluation. In this context of cost reduction and increased security, another question investigated in this work is the adequacy and viability of using free software and free tools as a completely safe solution for the construction of VPNs. As a result, a VPN scenario was implemented as an experiment, based entirely on a free software platform.

SUBJECT(S)

electrical engineering; defense in depth; free software; virtual private networks; security
