Yoshiaki Shiraishi

Port randomized VPN by mobile codes

A key advantage of SSL (secure socket layer) VPN is that no specialized client software is required. When a user requests access to a server, the SSL client module, which is a Java applet code, is downloaded into the host first. However, it is quite likely that not all applications run well, because a client cannot connect with a server through an HTTPS tunnel in some applications. Moreover, there is the possibility that we can not use the VPN connections when the SSL port is under denial of service (DoS) or distributed DoS (DDoS) attack. We propose a port randomized VPN architecture such that any application can use the VPN and the VPN has strength against DoS or DDoS attack. The proposed VPN uses the same Java applet as existing SSL VPNs use, but the function of the applet, which we call mobile code, is dynamically changed by Java remote method invocation (RMI). The VPN client applet can cooperate with a VPN server and a firewall in the server side.

Remote Access VPN with Port Protection Function by Mobile Codes

Concern about SSL VPN technology as a class of VPNs has been growing recently because a key advantage of SSL VPN is that it requires no specialized client software. When a user requests access to a server, the SSL client module, a Java applet code, is downloaded into the host first. However, it is quite likely that not all applications run well because a client can not connect with a server through an HTTPS tunnel in some applications. This study proposes a remote access VPN architecture that allows any application to use the VPN. The proposed VPN uses the same Java applet as existing SSL VPNs, but the function of the applet, which we call mobile code, is changed dynamically by Java Remote Method Invocation (RMI). The VPN client applet can cooperate with a VPN server and a firewall in server side. As a result, the proposed VPN has strength against Denial of Service (DoS) attacks.