I'm involved in a task force that is looking at establishing
an official policy re telecommuting for GTE Labs.
(We've been doing it unofficially for some time, but
inconsistantly across departments.)
One of the issues of course is security, including
privacy, integrity, and access to resources. Initially,
we willpresumably use dial-up lines with high-speed
modems. Eventually, ISDN, frame relay, and/or other
technologies might come into use.
Although I trust that some day we will have a useable
version of PEM to handle e-mail securely, not all problems
can be solved that way. Some people need FTP, others
will want Telnet, X-windows or other interactive protocols.
Certainly a secure FAX capability would be nice, as well
as secure remote printing. In general, we would want
employees to be able to access computing facilities
as though they were at work, rather than through awkward
firewalls.
Other requirements are that the system be cheap (preferably
smartcard based), that it include heavy-duty compression
before encryption (since the compression built into modems
won't work on encrypted data), that it support effective
rates of 128Kbps or higher using 28.4 kbps modems, and
that it be available on Macs, PCs, Sun, and DEC platforms.
Although Kerberos or similar systems could be used, I'd really
like to see a public-key based system that used triple-DES.
(Export control is not an issue here.)
Ful period link encryption is one possibility, and X.25 or IP
packet encryption is another, with various pros and cons.
Is anyone aware of anything being done along these lines,
either in a secure modem or as an modification to SLIP, PPP,
or mobile IP? If not, would anyone be interested in working
on the problem?
(BTW- I'd be interested in hearing privately from anyone who
has gone through this exercise and established a formal
telecommuting policy -- lessons learned, rocks and shoals to
avoid, etc.)
Bob