wiki:WikiStart

Version 11 (modified by psaiteja, 5 years ago) (diff)

Made corrections to the instructions for compiling and running code. Added People involved in the project.

Virtual Secure Network

A Virtual Secure Network (VSN) is a novel network service, providing safe and secure web content to remote users. The VSN architecture can be used to offer security protections (like firewalls, Antivirus scanners, IDSs and IPSs) as a service from the cloud - with added benefits of low cloud cost for VSN management and better performance for the end users.

Why VSN?

A corporate network typically has IDSes, firewalls, and malware scanners to protect the machines on the network from attack. However, employees may use devices with sensitive data in remote locations. This leaves the company with a choice: either have the remote users VPN their traffic back to the corporate network for protection; or let its employees connect directly to the (insecure) Internet. The former choice can be very slow for users as well as costly for the organization, while the latter increases the security risk.
We address this problem by providing a novel network service called Virtual Secure Network (VSN). A VSN server provides remote clients the security benefit of being behind a corporate network, while providing Internet performance more typical of an (insecure) direct connection. The VSN service concept can also be extended to cloud-based security services - providing the security offerings as a subscription service.

Briefly, how does VSN work?

The VSN server intelligently pushes hashes of secure content to clients. Clients that want to obtain content on the hashlist do so directly over the Internet but have the same security assurances as though they were in the corporate network. Any new content (not in the hashlist) would be requested through the VSN server.

How to obtain current VSN implementations?

The SVN repository can be accessed here:

SvnUrl?

All the libraries needed to run VSN are included in the repository, and should be downloaded when you perform SVN update.

Instructions to run the code

You need to have JAVA JDK pre-installed.

For now, you need to compile and run the code. The VSN client and VSN server ports are fixed to 5555 and 5556, and both need to run on the same machine. If the server needs to run on a different machine or if you want to use different port numbers, you need to modify the server IP and port variables in the VSN client code and the listening IP in the server code. We are working on it to make it easy by passing the IP and port details as command line arguments, and in future bundling the code into a simple jar file with GUI.

For compiling the server/client code on WINDOWS, use the following command with appropriate path substitutions:

javac -classpath "pathto\lib\derby.jar" program.java

For executing the server/client code, use the following command with appropriate path substitutions:

java -classpath .;"pathto\lib\derby.jar" program

If compiling and running the code on a *NIX machine, you need to replace ";" (semicolon) with ":" (colon) in the above commands.

You need to configure your browser to use the local VSN client proxy server, by setting the proxy IP to be "localhost" and the port to "5555" (or the new port number, if you changed it). For instructions to set proxy details in the browser, check your browser help instructions.

People

Sai Teja Peddintihttp://cis.poly.edu/~psaiteja/ Justin Capposhttp://www.poly.edu/user/jcappos Keith Rosshttp://cis.poly.edu/~ross/