P.L. Fabbri

1. AXIS Video Server VNC Viewer VNC Server SEM1_CTRL.exe HTTP Server CigsIRC.exe HTTP Client C.I.G.S. Client side Instrument side C.I.G.S. P.L. Fabbri Pula20 - 22 Ottobre 2008

2. VNC Viewer 3a – VNC remote session started VNC Server 2a – Start VNC Server 3a – Start VNC Client 2b– Connection accepted CigsIRC.exe HTTP Client 1b – User credentials accepted C.I.G.S. C.I.G.S. Remote Control – WHO? From WHERE? Client side Instrument side LAN FireWall • From WHERE? • Create policies for limited IP source addresses • WHO? • Request remote user to proviede credentials ID and Pwd • It works BUT : • Users sensible data must be accessed and managed locally • Users could have multiple sets of credentails for each service at the same Organization XRDP_CTRL.exe HTTP Server 1 – Connection request C.I.G.S. P.L. Fabbri Pula20 - 22 Ottobre 2008

3. VPN Access can be granted only after a SSO identication process C.I.G.S. C.I.G.S. Remote Control – WHO? From WHERE? Test P.L. Fabbri Pula20 - 22 Ottobre 2008

4. 2 – User provides his SSO credentials 3aVPN access enabled 5– Connection accepted VNC Viewer VNC Server 4 – Connection request XRDP_CTRL.exe HTTP Server 3bAfter a SSO login, user public attributes are OK CigsIRC.exe HTTP Client 1Request for Remote Control Service C.I.G.S. C.I.G.S. Remote Control – WHO? From WHERE? Instrument side SP Client side LAN FireWall VPN Olny Policies UniMore SSO IdP 6–VNC remote session started VPN WWW Server CIGS C.I.G.S. P.L. Fabbri Pula20 - 22 Ottobre 2008