By Topic

A methodology for implementation and integration Two-Factor Authentication into VPN

Sign In

Cookies must be enabled to login.After enabling cookies , please use refresh or reload or ctrl+f5 on the browser for the login options.

Formats Non-Member Member
$33 $13
Learn how you can qualify for the best price for this item!
Become an IEEE Member or Subscribe to
IEEE Xplore for exclusive pricing!
close button

puzzle piece

IEEE membership options for an individual and IEEE Xplore subscriptions for an organization offer the most affordable access to essential journal articles, conference papers, standards, eBooks, and eLearning courses.

Learn more about:

IEEE membership

IEEE Xplore subscriptions

2 Author(s)
Pham Ngoc Thanh ; Dept. of Comput. Sci., Konkuk Univ., Seoul, South Korea ; Keecheon Kim

Nowadays, Virtual Private Network (VPN) is used widely in enterprise and home network. For security issues, Two-Factor Authentication Service (TFAS), which includes not only the traditional credentials (username and password) but also the second factor, is integrated to make it more secure. If there are incidents happened when users create VPN connection (e.g. time violated, token expired), hence in user aspect, the more real-time supports they get, the more they will appreciate the service. Besides, they also need to be authorized to access network resources. Depending on each user's information (e.g. time of access, physical location), they will be accepted or denied and get various dynamic privileges. It is too difficult to find out the ready-made system that can do the automatic real-time support; even if the commercial solution is purchased, it will be an in-a-box product which is unable to satisfy 100 percent of requirements. This paper describes how to implement a customizable TFAS and integrate it into VPN Concentrator with low-cost money by the programming language-Java. The proposed TFAS has been implemented and being deployed in a bank (300 concurrent users) with some add-on features and monitoring services to insure the High Availability (HA).

Published in:

2012 IEEE 31st International Performance Computing and Communications Conference (IPCCC)

Date of Conference:

1-3 Dec. 2012