Towards Zero Trust: The Design and Implementation of a Secure End-Point Device for Remote Working

Bıçakcı K., Uzunay Y., Khan M.

14th International Conference on Information Security and Cryptology, ISCTURKEY 2021, Ankara, Türkiye, 2 - 03 Aralık 2021, ss.28-33 identifier

  • Yayın Türü: Bildiri / Tam Metin Bildiri
  • Doi Numarası: 10.1109/iscturkey53027.2021.9654298
  • Basıldığı Şehir: Ankara
  • Basıldığı Ülke: Türkiye
  • Sayfa Sayıları: ss.28-33
  • Anahtar Kelimeler: authentication, remote working, risk based authentication, security, security device, two-factor authentication, zero trust
  • İstanbul Teknik Üniversitesi Adresli: Evet

Özet

© 2021 IEEE.COVID-19 pandemic and lockdowns forced employees across the world to work from home. Remote working has become a necessity rather than a choice. However, in order to meet this increasing demand, the most pressing security concerns of organizations should be addressed. In this paper, we present the design and implementation of ProGun, an end-point device (a USB dongle) for remote working. We present the hardware/software co-design of ProGun, by which most security risks due to lack of physical protection could be mitigated. We also discuss choices we made among many alternatives for user authentication and their security and usability implications in a remote working environment.