Network and Security Patterns

Ajoy Kumar

Introduction
Network Layer Security is something which has
become the of prime importance in designing
any network system.
We look at the important layers of the network
and try to identify the different Security Patterns
associated with each layer. My work will be
trying to fill the gaps at each layer where security
patterns are missing or not well established.

VPN Security
We first look at the available patterns in
the system.
And as the next step, we try to understand
the VPN architecture and we try to
develop a Security pattern for the VPN
Architecture.

Network Architecture
Security Objects

FireWall

IDS

VPN

Protocol

Application

XML FW

XML IDS

XML VPN

SAML

TCP

Proxy FW

TCP IDS

TLS/SSL VPN

TLS

IP

Packet FW

Packet IDS

IPSec VPN

IPSec

A
U
T
H
E
N
T
I
C
A
T
I
O
N

S
E
C
R
E
C
Y

A
U
T
H
O
R
I
Z
A
T
I
O
N

I
D
E
N
T
I
F
I
C
A
T
I
O
N

Class Diagram for XML

Firewall[Ne06]

Class Diagram for a Packet

FW[Fe06]
ExternalHost

1 requestService *

PFFirewall

* requestService1

address

LocalHost
address

1
RuleBase
addRule
deleteRule
modifyRule
reorderRules

* {ordered}
Rule
in/out

ExplicitRule

DefaultRule

Class Diagram for Proxy

FireWall[Fe03]

Class Diagram for IDS.[Fer05]

VPN Architecture
VPN make use of public network
resources to connect to the private
network of the enterprise. Within the VPN,
the transmission is protected by security
principles to assure confidentiality of the
user(s) and data integrity. So a private
network is established in the public
domain. Since this network exists in a
logical sense, it has been termed as virtual
private network.

Features of a good VPN

Security
Reliability
Scalability
Network management
Policy management

Problem
In the company where I work we have a lot of
remote employees who log in from different
parts of the world such as St. Louis, USA or
Israel. These developers log into a machine
in Boca and work virtually from Boca. These
connections are done using an VPN
architecture. We need to develop the most
safe architecture so that the work is done
most efficiently and with the least threats to
security.

Context
Local networks with applications being
executed in distributed systems. Access to
the network can be from the Internet or
from other external networks using a VPN
connection.

Forces
There are many remote users trying to connect to the same network
from different end points. A good VPN system must accommodate
all these users.
There may be different end users that may require different levels of
security. We need to define appropriate policies for each of these
VPN connections.
The company has various employees joining and leaving the
company. Hence the security policies need to be constantly
modified. Hence the VPN configuration should be easily
configurable.
The number of users and applications may increase significantly;
adding more users or applications should be done transparently and
at proper cost.
A VPN set up should avoid access to the corporate network from all
harmful external elements
There are many ways to perform authentication. The VPN must
support the different methods.

Pattern Diagram
VPN

IPSec

TLS
TCP VPN

Authentication
Authentication

PKI

IP VPN

Secrecy
Secure
Channel

XML VPN

Message Authentication
Authorization

RM

Class Diagram for a VPN

End User

Secure Network

VPN Network

End User Auth Point

Secure Channel

Identity Base

Policy Base

Identity

Policy

Sequence Diagram for a VPN Authentication

:End User

:VPN

:EndUserAut
hPT

:IdentityBase

:Policy Base

rqstConn
rqstConn
authenticate

authenticated
checkAcces
s
accessAllowed

openSecConn
Established

Established

:SecureCh

:SecureN/W

Solution
Whenever an end user tries to connect to a
VPN, the network should ask for authorization.
An user can access a network only if a specific
policy authorizes it to do.
Policy enforcing includes authenticating the end
user who is trying to connect to the network.
The VPN Tunnel created should maintain its
confidentiality and data integrity.

Consequences
Advantages
Company can define the policies for VPN end users thus
centralizing the policies and makes the administration better.
Since authorization is used, company can keep a log of end
users connected in the present and in the past.
A secure tunnel guarantees data integrity and secrecy. Usually a
PKI system of encryption is used for sending data over the
tunnel.
As authentication of end users are performed, users can be held
responsible for their actions .
We can also incorporate RBAC based on the role of the end
user.
Usually a Firewall complements a VPN setup..

Consequences (Contd)
Liabilities
If the VPN is compromised, then the attacker gets full
access to the internal network too.
VPN traffic is often invisible to IDS monitoring.If the
IDS probe is outside the VPN server, as is often the
case, then the IDS cannot see the traffic within the
VPN tunnel because it is encrypted. Therefore if a
hacker gains access to the VPN, he can attack the
internal systems without being picked up by the IDS.
Whatever type of VPN we use, VPN is only as secure
as the remote computer connected to it.

 Liabilities (Contd)
The pattern does not discuss the attack at the
end points.
VPN Tunnel is only as strong as the
cryptography that enables it.

Known Users
Citrix. Citrix provides a site to site VPN
connection for remote users to log into the
secure network as well as access
applications on the company (secure)
network.

Related Patterns
Patterns for Application Firewalls using
PEP and PAP.
Nelly Delessy-Gassant, Eduardo B.
Fernandez, Saeed Rajput,and Maria M.
Larrondo Petrie

Future Work
Expand on the VPN Pattern and create
separate patterns for IP, SSL and XML
VPNs.
Developing the patterns missing in the
network security diagram shown before.

Thank You
Q&A
Suggestions
Concerns