The most common method of system administration is accessing the remote system through the network by means of some client-server protocol, giving access to a privileged service always listening on the target system. There are important security and flexibility limitations deriving from the usage of a predictable access port for such a critical application, which can be summarized as the impossibility of attaining a satisfactory trade-off between attack rejection capability and service availability. This work illustrates an alternative solution based on the presence of an intermediate system, acting as a meeting place in between the remote server and its administrator. The resulting architecture eliminates the predictable management port on the server, enhances the availability of the management service by exploiting widespread communication platforms that are likely to be accessible from anywhere, and exhibits a modular structure enabling promising future extensions aimed at overcoming many other issues of the current administration techniques.

A messaging-based system for remote server administration

RAMILLI, MARCO;PRANDINI, MARCO
2009

Abstract

The most common method of system administration is accessing the remote system through the network by means of some client-server protocol, giving access to a privileged service always listening on the target system. There are important security and flexibility limitations deriving from the usage of a predictable access port for such a critical application, which can be summarized as the impossibility of attaining a satisfactory trade-off between attack rejection capability and service availability. This work illustrates an alternative solution based on the presence of an intermediate system, acting as a meeting place in between the remote server and its administrator. The resulting architecture eliminates the predictable management port on the server, enhances the availability of the management service by exploiting widespread communication platforms that are likely to be accessible from anywhere, and exhibits a modular structure enabling promising future extensions aimed at overcoming many other issues of the current administration techniques.
2009
Proceedings 2009 Third International Conference on Network and System Security
262
269
M. Ramilli; M. Prandini
File in questo prodotto:
Eventuali allegati, non sono esposti

I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.

Utilizza questo identificativo per citare o creare un link a questo documento: https://hdl.handle.net/11585/80302
 Attenzione

Attenzione! I dati visualizzati non sono stati sottoposti a validazione da parte dell'ateneo

Citazioni
  • ???jsp.display-item.citation.pmc??? ND
  • Scopus 1
  • ???jsp.display-item.citation.isi??? 0
social impact