Towards Zero Trust: The Design and Implementation of a Secure End-Point Device for Remote Working


Bıçakcı K., Uzunay Y., Khan M.

14th International Conference on Information Security and Cryptology, ISCTURKEY 2021, Ankara, Turkey, 2 - 03 December 2021, pp.28-33 identifier

  • Publication Type: Conference Paper / Full Text
  • Doi Number: 10.1109/iscturkey53027.2021.9654298
  • City: Ankara
  • Country: Turkey
  • Page Numbers: pp.28-33
  • Keywords: authentication, remote working, risk based authentication, security, security device, two-factor authentication, zero trust
  • Istanbul Technical University Affiliated: Yes

Abstract

© 2021 IEEE.COVID-19 pandemic and lockdowns forced employees across the world to work from home. Remote working has become a necessity rather than a choice. However, in order to meet this increasing demand, the most pressing security concerns of organizations should be addressed. In this paper, we present the design and implementation of ProGun, an end-point device (a USB dongle) for remote working. We present the hardware/software co-design of ProGun, by which most security risks due to lack of physical protection could be mitigated. We also discuss choices we made among many alternatives for user authentication and their security and usability implications in a remote working environment.