Security layer of remote access service for your computer

In this article we want to describe technical functionality of one of the most frequently used cloud remote access service - LogMeIn. We would like to focus not only on LogMeIn service itself, but explain IT terms to a common user as well. Is it safe to use cloud services as transfer paths by the whole company? Would it be possible to be a man in the middle and steal some secret files? You should be able to answer these questions after reading this article.
As you know, LogMeIn company offers many services that enable to gain the whole network infrastructure on-demand. You can get all necessary tools cheaper and faster than by a common way - to buy and configure expensive hardware and software. Price is not the only strong advantage of a cloud network infrastructure. There is also another one - up-to-date security of transmission lines and an assurance that the latest standards are fulfilled.


Short description of LogMeIn technical architecture

There are three components in LogMeIn technical architecture - the client, the host and the LogMeIn data center. If you enter your unique ID and password you will be redirected to the LogMeIn data center where your request for connection with another computer will be processed. The major difference from the default Microsoft´s Remote Desktop is that this data center (LogMeIn cloud) is in the middle. For better understanding look at following scheme.

logmein architecture

 

As you may guess, connection through LogMeIn data center is much more secure than peer-to-peer connected computers. 
 

Security connection between devices

Have you ever heard about SSL/TLS? Never? SSL/TLS is used for verification of server identity and protection against “Man in the middle” attacks.
“Transport Layer Security (TLS) and its predecessor, Secure Sockets Layer (SSL) are cryptographic protocols that provide communication security over the Internet.” (RFC 5246)
 
For communication through these protocols are used asymmetric cryptography, symmetric encryption and message authentication codes. We can say, that these protocols don´t allow to eavesdrop and tamper with sent data and ensure a safe communication through the world-wide net.
Are you looking for an electronic ID card? SSL certificates can help you.
 
As you already know, unencrypted data sent are packed by server into an encrypted package. Ok, but can such a server identify the other side? Yes, that´s possible thanks to electronic certificates.
Certificate is a data file which identifies you (or your business partner) or a server (e-shop, electronic banking, LogMeIn server,...) and then after a successful identification by certificates secure communication is established. A lot of different types of certificates exist and they are sold by a Certification Authority (CA).
 
For more information about certificates and security visit Wikipedia (http://en.wikipedia.org/wiki/Transport_Layer_Security).
If you think that you need an additional layer of security, you can configure LogMeIn to require RSA SecurID authentication. For better understanding of this solution, visit http://www.rsa.com/node.aspx?id=1156
 

LogMeIn own methods - Intrusion Filters

LogMeIn service has several tools for prevention of possible attacks, through putting LogMeIn servers out of service.
For example:
IP Addres Filter
All connection requests from a client are checked by list of trusted and untrusted IP addresses. To untrusted the connection is denied.
 

Denial of Service Filter

Denial of service attack means that a user (client) sends several authentication requests to the server. Because all these requests have false return addresses, the server can´t find the user and it´s impossible to send the authentication approval to him. What follows? The server waits more than a minute and then interrupts the connection. After that attacker sends a new batch of requirements. It´s clear, that server has to fail. Therefore LogMeIn provides a tool to prevent these situations.
 

Overall Conclusion

LogMeIn product is secured like any other offered cloud service, that you can find. In the field of cloud services you can get also either good or bad product for your money. But LogMeIn is a company which tries to find out what customers need and improves its own security policy.
If you want more information, visit the official site of LogMeIn: https://secure.logmein.com/support/

 

 


Articles Worth Reading