Abstract
VPN is one of key technologies on the Internet that allows users to access securely to resources in a domain via unsecure networks. For hierarchically nested security domains, such as an R&D division domain in a corporate domain, In such organizations, some existing VPN schemes with multiple security gateway traversal function is applicable for a user to access to the innermost security domain from the Internet. However, most of existing schemes have some drawbacks in terms of security, efficiency and availability. In this paper, we propose a new way to remedy these shortcomings using proxy gateways. The proposed method connects two deeply embedded security domains by a series of virtual paths to create a single VPN link; and by incorporating a proxy gateway to accommodate communication between clients and the security gateway, this permits secure and highly efficient communications without modifying the client or server.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
Similar content being viewed by others
References
Leech, M., Ganis, M., Lee, Y., Kuris, R., Koblas, D., Jones, L.: SOCKS Protocol Version 5, RFC1928 (1996)
Kayashima, M., Terada, M., Fujiyama, T., Ogino, T.: SOCKS V5 Protocol Extension for Multiple Firewalls Traversal, Internet Draft, draft-ietf-aft-socksmultipletraversal-00.txt (1997)
Kayashima, M., Terada, M., Fujiyama, T., Koizumi, M., Kato, E.: VPN Construction Method for Multiple Firewall Environment. Transactions of the Institute of Electronics, Information, & Communication Engineers, D-I J82-D-I(6), 772–778 (1999) (in Japanese)
NEC: SOCKS Home Page, http://www.socks.nec.com/index.html
Egevang, K., Francis, P.: The IP Network Address Translator (NAT). RFC1631 (1994)
Srisuresh, P., Holdrege, M.: The IP Network Address Translator (NAT) Terminology and Considerations. RFC2663 (1999)
Kohl, J., Neuman, C.: The Kerberos Network Authentication Service (V5). RFC1510 (1993)
Linn, J.: The Kerberos Version 5 GSS-API Mechanism. RFC1964 (1996)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2003 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Ishibashi, H., Okayama, K., Yamai, N., Abe, K., Matsuura, T. (2003). New Approach for Configuring Hierarchical Virtual Private Networks Using Proxy Gateways. In: Kahng, HK. (eds) Information Networking. ICOIN 2003. Lecture Notes in Computer Science, vol 2662. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-45235-5_76
Download citation
DOI: https://doi.org/10.1007/978-3-540-45235-5_76
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-40827-7
Online ISBN: 978-3-540-45235-5
eBook Packages: Springer Book Archive