Security for virtual private intranets

Title: Security for virtual private intranets
Publication Type: Journal Articles
Year of Publication: 1998
Authors: Arbaugh WA, Davin JR, Farber DJ, Smith JM
Pagination: 48 - 55
Date Published: 1998/09
ISBN Number: 0018-9162
Keywords: businesses, Clouds, Companies, core operating system components, cryptography, Data security, employee homes, encryption, functional roles, hard drive, Home computing, home working, integrity checking, Internet, Local area networks, multiple personalities, network authentication, network environment, operating system modifications, Operating systems, Roads, secure identity based lending, security management, security of data, shared applications, SIBL, single hardware platform, smart cards, symmetric algorithm, system partition, telecommuting, Teleworking, trust relationship, trustworthy system, virtual private intranets

As telecommuting grows, businesses must consider security when extending their network environment to employees' homes. Researchers at the University of Pennsylvania have addressed the problem with smart cards, operating system modifications, and network authentication. We note the distinction between trust and integrity: trust is determined through the verification of components and the dependencies among them, while integrity demonstrates that components haven't been modified. Thus integrity checking in a trustworthy system is about preserving an established trust or trust relationship. Our solution to the challenge of isolating functional roles that may share a single hardware platform is called secure identity based lending (SIBL). SIBL provides multiple personalities by partitioning the hard drive into n+1 partitions, where n is the number of supported personalities. All personalities use the system partition for core operating system components and shared applications. Each of the personalities is also associated with one of the remaining partitions, which are encrypted using a symmetric algorithm