join.me architecture whitepaper



Similar documents
Whitepaper. join.me architecture. A technical overview of join.me s secure and reliable architecture.

LogMeIn Rescue Architecture

BOLDCHAT ARCHITECTURE & APPLICATION CONTROL

LogMeIn Rescue Architecture

Security Policy JUNE 1, SalesNOW. Security Policy v v

Security & Infra-Structure Overview

MAXIMUM DATA SECURITY with ideals TM Virtual Data Room

LogMeIn Hamachi. Getting Started Guide

UNIFIED MEETING 5 SECURITY WHITEPAPER INFO@INTERCALL.COM INTERCALL.COM

Secure, Scalable and Reliable Cloud Analytics from FusionOps

FileCloud Security FAQ

TECHNICAL AND ORGANIZATIONAL DATA SECURITY MEASURES

Cloud Management. Overview. Cloud Managed Networks

BroadData Unified Meeting Security Whitepaper v4.2

SaaS Security for the Confirmit CustomerSat Software

Tk20 Network Infrastructure

Collaborate on your projects in a secure environment. Physical security. World-class datacenters. Uptime over 99%

BMC s Security Strategy for ITSM in the SaaS Environment

Famly ApS: Overview of Security Processes

SITECATALYST SECURITY

Fax

Perceptive Software Platform Services

Security Controls for the Autodesk 360 Managed Services

by New Media Solutions 37 Walnut Street Wellesley, MA p f Avitage IT Infrastructure Security Document

Security Policy Revision Date: 23 April 2009

KeyLock Solutions Security and Privacy Protection Practices

Information Technology Security Procedures

Altus UC Security Overview

Security in the Sauce Labs Cloud. Practices and protocols used in Sauce s infrastructure and Sauce Connect

modules 1 & 2. Section: Information Security Effective: December 2005 Standard: Server Security Standard Revised: Policy Ref:

SaaS Security for Confirmit Horizons

Security from the Ground Up eblvd uses a hybrid-asp model designed expressly to ensure robust, secure operation.

Whitepaper - Security e-messenger

WHITE PAPER. GoToMyPC. Citrix GoToMyPC Corporate Security FAQs. Common security questions about Citrix GoToMyPC Corporate.

Securing the Service Desk in the Cloud

Connected from everywhere. Cryptelo completely protects your data. Data transmitted to the server. Data sharing (both files and directory structure)

Level I - Public. Technical Portfolio. Revised: July 2015

Cloud Management. Overview. Cloud Managed Networks

Understanding Sage CRM Cloud

Netop Environment Security. Unified security to all Netop products while leveraging the benefits of cloud computing

Copyright Telerad Tech RADSpa. HIPAA Compliance

Table of Contents. Page 1 of 6 (Last updated 30 July 2015)

LIVE CHAT CLOUD SECURITY Everything you need to know about live chat and communicating with your customers securely

Complying with PCI Data Security

Mobile Admin Architecture

Click. Schedule. Relax.

YubiCloud OTP Validation Service. Version 1.2

Autodesk PLM 360 Security Whitepaper

BOWMAN SYSTEMS SECURING CLIENT DATA

SHARPCLOUD SECURITY STATEMENT

Security & Infrastructure White Paper

Las Vegas Datacenter Overview. Product Overview and Data Sheet. Created on 6/18/2014 3:49:00 PM

Billing for each tier is done on a monthly basis in arrears and will include both fixed and variable costs.

ProjectManager.com Security White Paper

RSA Authentication Manager 7.1 Security Best Practices Guide. Version 2

PROTECTING YOUR VOICE SYSTEM IN THE CLOUD

TOP SECRETS OF CLOUD SECURITY

SCOPE OF SERVICE Hosted Cloud Storage Service: Scope of Service

Enterprise Security Model in SAS Environment

WHITEPAPER. SECUREAUTH 2-FACTOR AS A SERVICE 2FaaS

FileRunner Security Overview. An overview of the security protocols associated with the FileRunner file delivery application

Supplier Information Security Addendum for GE Restricted Data

ASP Technology & Security Overview

Enterprise level security, the Huddle way.

How To Secure Your Data Center From Hackers

Bit Chat: A Peer-to-Peer Instant Messenger

CloudDesk - Security in the Cloud INFORMATION

Security Overview Enterprise-Class Secure Mobile File Sharing

Online Data Services. Security Guidelines. Online Data Services by Esri UK. Security Best Practice

Fundamentals of Windows Server 2008 Network and Applications Infrastructure

Ensuring the Security of Your Company s Data & Identities. a best practices guide

Secure Hosting Solutions For SAGE Energy Management

Itron Cloud Services Offering

Whitepaper Cubby: A secure solution. A technical overview of Cubby s secure, enterprise-grade infrastructure.

Data Collection and Analysis: Get End-to-End Security with Cisco Connected Analytics for Network Deployment

RSA Authentication Manager 8.1 Setup and Configuration Guide. Revision 2

Private Clouds & Hosted IT Solutions

Our Key Security Features Are:

Brainloop Cloud Security

Edge Metrics Data Center User Manual

Security in the Sauce Labs Cloud

Private vs. Public Cloud Solutions

Egnyte Security Architecture

Storage Guardian Remote Backup Restore and Archive Services

Using BroadSAFE TM Technology 07/18/05

Best Practices For Department Server and Enterprise System Checklist

Research Information Security Guideline

GoToMyPC Corporate Security FAQs

Web Drive Limited TERMS AND CONDITIONS FOR THE SUPPLY OF SERVER HOSTING

CLOUD FRAMEWORK & SECURITY OVERVIEW

Druva Phoenix: Enterprise-Class. Data Security & Privacy in the Cloud

Retention & Destruction

Security Overview Introduction Application Firewall Compatibility

Dropbox for Business. Secure file sharing, collaboration and cloud storage. G-Cloud Service Description

RevShield Software Suite Network Security Review

SP A Framework for Designing Cryptographic Key Management Systems. 5/25/2012 Lunch and Learn Scott Shorter

YubiCloud Validation Service. Version 1.1

Projectplace: A Secure Project Collaboration Solution

Telework and Remote Access Security Standard

Transcription:

join.me architecture whitepaper

2 join.me architecture whitepaper Table of Contents Introduction 3 Architecture Overview 3 Data Security 6 Session and Website Security 7 Hosting Overview 8 Conclusion 8 Author Marton Anka, CTO, LogMeIn, Inc. Abstract This document provides an overview of the architecture behind the join.me service. Topics covered include data confidentiality, auditing, and reliability. Product Information: Sales Inquiries: Press: Address: questions@join.me sales@join.me (800) 993-1790 press@logmein.com 500 Unicorn Park Drive, Woburn, MA 01801 join.me LogMeIn.com

3 join.me architecture whitepaper Introduction join.me is a simple but powerful screen sharing tool. The product is secure, indefinitely scalable, meets or exceeds 99.99% uptime, and is usable within seconds of visiting the join.me website. This document provides insight into how we achieve this. Architecture Overview A typical join.me session involves at least the following components: Presenter Presenter Software Webserver Database Application Server Viewer (one or more) Viewer Software (one or more)

4 join.me architecture whitepaper A typical session flow is as follows: The Presenter downloads the Presenter Software from the Webserver The Presenter Software connects to an Application Server The Application Server requests a new session from the Database The Presenter receives the session code A Viewer connects to the Webserver and submits the session code (the Viewer Software runs in the browser to ensure quick session start-up) The Webserver submits the new viewer to the Database and returns session information to the Viewer The Viewer connects to the Application Server to which the Presenter has connected The Presenter sends data (such as screen images, chat messages, files) to the Application Server The Application Server distributes the data to the appropriate Viewers The Viewers communicate with the Presenter through the Application Server (for example, send chat messages or files) In essence, after the session has been established, the Presenter Software communicates with one or more viewers through a specific Application Server. The system provides multiple layers of redundancy. A look at the server-side architecture helps us understand the highest level redundancy layers. w: webserver a: application server

5 join.me architecture whitepaper At the time of publication, join.me servers are hosted in four geographically distributed datacenters interconnected with a VPN mesh (for example, if DC1 were to lose direct connection to DC2 it would communicate instead through DC3 or DC4). Inter-datacenter communication is essential because only one datacenter hosts an active join.me database, which is the heart of the system. In the illustration this datacenter is DC1. One of the other datacenters (shown here as DC2) hosts a so-called passive database, which continuously receives database transaction logs from its active counterpart. In the event of a prolonged outage at DC1, the passive database in DC2 can quickly be brought online to resume operations. All four datacenters host Webservers and Application Servers. Servers in the same facility communicate through the LAN; otherwise through the VPN mesh. Presenters connect to an Application Server using geographic load balancing. A datacenter is allocated based on availability, proximity, and load, and then a particular Application Server within that datacenter is allocated based on availability and load. Application-level logic ensures that Viewers always connect to the same Application Server as the Presenter. This is important because the Application Server maintains session state in memory (for example, the Presenter s current screen). Should an Application Server or datacenter go offline or become unreachable to the Presenter, the session is migrated to a different Application Server within seconds. Users only experience a brief pause. Webservers within a datacenter are also interchangeable as they share session state with each other through a large memory cache cluster.

6 join.me architecture whitepaper Data Security join.me meets the following requirements for a secure communications system: Authentication of the communicating parties Confidential exchange of messages Detection of compromised messages At the protocol level, join.me uses SSL for communications security. The key exchange protocol is RSA, while data encryption is typically AES256 (or AES256-SHA). All modern browsers support AES256-SHA, including current versions of Internet Explorer, Firefox, and Chrome. Every session is secured using the Application Server s SSL certificate. The Application Server terminates the SSL connections that are established by the Viewer and the Presenter (this is unlike all other LogMeIn products). The need for this is obvious: while a single viewer/presenter pair could potentially employ endto-end encryption and use the Application Server as a simple networking relay, this becomes infeasible when multiple Viewers are present. As designed, the system supports multiple Viewers without placing bandwidth constraints on the Presenter. All join.me communications are secured using SSL including access to the website itself. No session data, such as screens or chat logs, are stored on our servers unless you choose to record the session using the join.me recording feature. Recordings are saved to LogMeIn servers via LogMeIn s own Cubby cloud storage service. You can remove recordings from our servers at any time.

7 join.me architecture whitepaper Session & Website Security Sessions are identified and secured by session codes. The ephemeral session codes are nine digits and are recycled after a session ends. At the time of publication, based on current usage trends, LogMeIn has determined that nine digits offer a de minimis chance of a collision. As join.me grows in popularity the length of ephemeral session codes will be extended beyond nine digits. Static session codes (also known as personal links ) are available to paying customers. This is a userdefined alphanumeric string of up to 127 characters. A well-chosen personal link can be impossible to guess, but their static nature restricts their use to trusted parties. When a static code is in use, sessions start as locked and the Presenter must approve individual Viewers. Viewers are authenticated to the system using the session code. The authentication to the Presenter himself is typically done implicitly ( if the Viewer has the code, it must have come from the Presenter ), but Viewers can also enter a display name, which is helpful when there are multiple participants. Presenters can use the website for ad-hoc sessions without logging in; in this case they are anonymous and are only authenticated by the system-generated session code. If they choose to log in (to access scheduled sessions or make use of a static code) they are authenticated with an email/password combination. join.me requires a valid email address (click-verified) and a password at least six characters in length. Upon registration, a simple password-strength indicator encourages complexity. Presenters can choose to have the website remember them, which results in an already-logged-in state when they next visit the join.me website using the same browser/device combination. The remember me feature cannot be used to perform high-risk functions, such as changing account information. The user must always enter a valid password to perform high-risk functions. The remember me feature is based on a persistent cookie encrypted with AES. Integrity of the cookie is verified by HMAC-SHA256. The cookie contains the user s unique identifier and other relevant metadata and is encrypted/decrypted on the server side using a symmetric algorithm. Presenters can also download and install software to their computer to perform screen sharing sessions without further visits to the website. This software (known as the join.me desktop application ) can be attached to a presenter s account so it can have access to scheduled sessions and static codes. When the presenter software is attached to an account, it receives a 32-character token generated by a cryptographically random algorithm using a 62-character alphabet (upper and lower case alphanumeric characters). This token is stored on the Presenter s computer permanently and is used by the software to authenticate towards the system.

8 join.me architecture whitepaper Hosting Overview The join.me service shares hosting facilities with all other LogMeIn services. These are Tier-1 Colocation Facilities with the following features: Multi-layer security control procedures, biometric entry systems, 24/7 CCTV and alarm monitoring Uninterruptible redundant AC and DC power, onsite backup power generators HVAC redundant design with air distribution under raised flooring for maximum temperature control Smoke detection system above and below raised floor; double-interlock, pre-action, dry-pipe fire suppression The LogMeIn servers (including all join.me servers) are in dedicated cages in all datacenters. These cages are protected by two-factor (biometric & PIN) electronic locks. The LogMeIn infrastructure in each datacenter connects to the Internet with multiple 10Gb uplinks via multiple tier-1 NSPs. The edge routers are clustered in an active/passive configuration, and are connected to an active/passive firewall cluster in a fully meshed manner. These in turn connect in a fully meshed manner to an active/passive IP-level load balancer cluster. Behind the firewalls is a DMZ that contains the Webservers and Application Servers. The Database Servers communicate with the servers in the DMZ using a private, non-routable LAN. An internal IDS system has been set up to warn of and help prevent malicious access. Physical access to the cages is very strict and limited to a team of four network engineers. Logical access for remote administration and software deployment is through LogMeIn s own services (LogMeIn Pro) and an out-of-band SSH gateway. Remote access for administrators is protected with two-factor authentication (username/password combination and a hardware or software token). All servers undergo monthly self-audits as well as quarterly and annual third-party audits. These audits include reviewing server configurations and network penetration testing. Conclusion While the join.me service appears deceptively simple, it is supported by a world-class architecture that can fulfill the needs of even the most concerned user. Further information is potentially available upon execution of an NDA.

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information