Validating user via ntlm
In this post we present is a feature, allowing you to establish a TCP tunnel from point A to point B, with pretty much as secure as it can get. Remote Service and Support, connecting devices using an insecure protocol over WAN infrastructure. This means you can use it now for secure remote access/support of desktops, Io T devices, and servers alike, yes you can use it to fix your mom’s computer, if you can get her through the installation of nodejs. We will make this easy and deployable with one click. Till today there was simply no technical option without addition of the remote segment as a network through a (a) VPN connection or (b) intermediate breaking the crypto in between like all remote support tools.We are now proposing a secure, simple, easy and cheap mechanism to establish a TCP connection between points A and B, with end to end security using standard TLS as a transport, over an untrusted network, without a need for a VPN. Suppose you are deploying a device, a router, a robot, you install it at a customer, and now you want to access the device, for service and maintenance.So let’s look back at the scenario, where L3.4 (her mom) was trying to access L3.3 (open the door lock).We were able to verify on L3.3 the identity of L3.4 by finding the certificate of L0 in their common certificate tree.Keep in mind, that L3 devices would be authorized by L2 identity.So by the end of the process, we will have that all devices own a valid certificate, connected by its content to its ancestors up to L0, and also holding the proof of its creation, signed by the authorizing entity.Thanks to the progress, secure remote access is easily solvable.
The technology used in this blogpost was developed in
Tree root will be the uppermost node (L0, or home PC in our example).
Consider a connection request from L3.4 to L3.3 (her mom is trying to open the electronic lock): in order to find common root, L3.3 (the lock) will have to walk up the tree, using SAN fields of L3.4 and L2.2, as well as its own, and the search will be: L3.4-However, there is a catch: how can we be sure, that the certificate of L3.4 is indeed signed by the correct key?
In more common words: blockchain is the way to store application specific data, when the data by design can be split to discrete meaningful chunks.
Relationship between consequent records shall be such, that removing an element would not pass undetected.