VPN Secure Mobile Client Based On USB Mass Storage Device

As a key branch of Network Security, VPN technology has been increasingly applied to governments and corporations. With the VPN becomes more and more popular, the mobile officers want their VPN client to be more secure and convenient. Both the IPSEC VPN client and the SSL VPN client have some drawbacks, and can not be used at most environments. A more convenient and secure VPN client is requisite.This paper mainly covers how to design and implement a VPN secure mobile client based on USB mass storage device and clearly introduces the protocol of Mass Storage. It also is presented how the access control keeps this device safely. The details are as follows. The device is partitioned into three sectors by the control chip, which comprises the CD-ROM partition, the Hidden partition, and the file protecting partition. The configuration files and the user information are stored in the hidden partition; The VPN client software are stored in the CD-ROM partition, and can be effectively protected from being destroyed or modified; Files that stored in file protecting partition is also encrypted and can not be accessed if unauthorized. The authentication of VPN service is composed of tow steps, at first the VPN secure mobile client will authenticate a user using this client, and then the VPN server will authenticate the client. In addition, there are most of APIs provided for future development with this device.Comparing with the traditional VPN clients, this kind of secure mobile client has more advantages: mutual authentication, safety storage, auto running VPN client, and more convenience.