p.l. fabbripula 20 - 22 ottobre 2008c.i.g.s. vnc server client side instrument side vnc viewer...

P.L. Fabbri Pula 20 - 22 Ottobre 2008C.I.G.S.C.I.G.S.

VNC Server

Client side Instrument side

VNC Viewer

CigsIRC.exeHTTP Client

SEM1_CTRL.exeHTTP Server

AXIS Video Server

P.L. Fabbri Pula 20 - 22 Ottobre 2008C.I.G.S.C.I.G.S.

C.I.G.S. Remote Control – WHO? From WHERE?

XRDP_CTRL.exeHTTP Server

CigsIRC.exeHTTP Client

Client side Instrument side

1 – Connection request

VNC ServerVNC Viewer

2b – Connection accepted

2a – Start VNC Server3a – Start VNC Client

3a – VNC remote session started

From WHERE?• Create policies for limited IP source addresses

LANFireWall

WHO? • Request remote user to proviede credentials ID and Pwd

1b – User credentials accepted

It works BUT :

• Users sensible data must be accessed and managed locally• Users could have multiple sets of credentails for each service at the same Organization

P.L. Fabbri Pula 20 - 22 Ottobre 2008C.I.G.S.

C.I.G.S. Remote Control – WHO? From WHERE?

Test

VPN Access can be granted only after a SSO identication process

P.L. Fabbri Pula 20 - 22 Ottobre 2008C.I.G.S.C.I.G.S.

Instrument side

SPClient side

CigsIRC.exeHTTP Client

XRDP_CTRL.exeHTTP Server

LANFireWallVPN OlnyPolicies

UniMore SSO IdP

1 Request for Remote Control Service

WWW Server

CIGS

2 – User provides his SSO credentials

3b After a SSO login, user public attributes are OK

3a VPN access enabled

6 – VNC remote session started

5 – Connection accepted

VNC Server

4 – Connection request

C.I.G.S. Remote Control – WHO? From WHERE?

VPN

VNC Viewer