Michael Schmidt has been working as a programmer and project manager in the field of workstation and network security for several years. He’s working on his Ph.D. thesis on thin-client security at the University of Siegen in Germany. Because of its concept of server-oriented computing, thin-client architecture offers both improvements and drawbacks when it comes to security, Schmidt says.

In general, thin clients offer the following security advantages:

• A client device that is good only for interfacing with users typically does not offer as much exposure to an attacker as a programmable device, such as a personal computer, since all interfaces that allow the introduction of malicious code—like floppy drives—are removed.

• Since all applications run centrally on the server side, a consistent, security-oriented administration is easier to manage.

• Common thin-client architectures (such as Windows Terminal Server) ship with basic security functionality that includes sufficient authentication and encryption for environments with standard security requirements.

However, Schmidt says, there are some disadvantages as well:

• Since all applications run on the server side, a successful break-in discloses much more, possibly confidential, data than a PC attack.

• The server operator carries a higher responsibility and must be entrusted with more than a PC server operator, since all potentially confidential data are available to him or her on the server.

From the client side, there are these potential problems:

• With many products, the thin client cannot figure out whether the server it connects to is authentic or malicious (faked). Anyone who is able to impersonate the server’s identity has access to data the authentic server would process instead.

• A thin client cannot keep its data confidential from the server or its operator, since the data have to be processed in clear text on the server. This is a problem with application service providers as well, if the customer does not have unequivocal trust in its ASP. Even if the thin-client system encrypts data transmission to and from the server, the encryption key is still under control of the ASP.

• “Small” thin-client devices (such as Palm Pilots) usually offer very little system protection. Their security relies on the fact that they’re always kept under the physical control of their owners. Palm Pilots that are “borrowed” by an attacker for manipulation, or that are used intensively for internet access, can easily be corrupted by viruses, Trojan horses, etc.

In schools, Schmidt sees the following advantages and problems:

• Hacking into the network is made very difficult for students if the thin-client device has no disk drive or any other interface that would allow the infiltration of malicious code. In this respect, thin clients are clearly more secure than regular PCs.

• In case a hacker does manage to gain access to the server, he or she may access confidential data and/or create more damage.

• Students have no real opportunity to store their data in a location kept confidential from the school administration.