Research On VPN Access Platform Based On SSL Protocol

With the rapid development of computer network technology, networkcommunications’ security is in an increasingly high demand. Thus, how to shareinformation distributed in different parts of government and business safely andreliably has become an urgent requirement. The VPN system based on the SSLprotocol takes full advantage of the Internet convenience and provides a safe andsecure data transmission service. Being cheaper and more flexible, the VPNtechnology has obtained a very wide range of applications in the government andenterprises. Authentication technology and access control technology are twoimportant components of SSL VPN system and currently among the hottest areas ofresearch.Nowadays，the study in SSL VPN field is still in its infancy, and there are manyissues need to be further addressed and improved. The main purpose of this study is toimprove the traditional SSL VPN technology to a certain degree in order to solve theproblem of inadequate security in remote access to internal network. This thesisconsists of three main parts: firstly, we give a brief introduction to the basicprinciples of SSL VPN solutions, the work mode and some basic concepts, and focuson the SSL VPN technologies involved, such as identity authentication technology,secure tunneling technology, access control technology, and SSL proxy technology.Meanwhile, by using logical methods such as comparison and analysis, we sum up thecurrent deficiencies related to the present SSL VPN and its future trends. Secondly,we give a detailed analysis of the core content of the SSL protocol stack, such as theSSL protocol architecture, processes and security levels, etc. We then discuss anumber of the drawbacks of traditional SSL protocol and put forward relevantimprovement methods, such as the use of PKI in SSL or increase control protocol. Theapplication of PKI can better support SSL protocol in construction of VPNauthentication, access control and other aspects. Control protocol can strengthen SSLprotocol’s security and efficiency through the user interface, user access control listsand the upper application protocol engines, etc. Then, we do a further research andgive an in-depth analysis of the security guarantee of the improved SSL protocol.Finally, the security control of SSL VPN is strengthened by the improved SSLprotocol as a result of analyzing the SSL VPN server’s system structure. At the same time, we thoroughly study some key technologies needed in the achievement of server,such as a server prone for achieving authentication, performance, and systemmanagement issues, and the corresponding solutions. Moreover, a detailed design ofthe SSL VPN server communication process, authentication, access control, securetunnel processing and other aspects of private handshake is provided. The applicationof control protocol can make role-based access control well achieved and centralizedmanagement can make easier. By doing this, a safe, easy-to-use, practical design canbe made out and ultimately fulfill the security of remote access to corporations ororganization’s internal network.