
A trusted network connection system based on three-element peer authentication

A network connection and ternary peer-to-peer technology, applied in the field of network security, that can solve the problems of the inability to verify the validity of AIK certificates, unequal platform integrity assessment, and a complex key negotiation process, so as to simplify key management and the integrity check mechanism, eliminate the need for strong security associations, and enhance security.

Active Publication Date: 2009-12-02
CHINA IWNCOMM

AI Technical Summary

Problems solved by technology

[0020] The purpose of the present invention is to provide a trusted network connection system based on ternary peer-to-peer authentication, which solves the technical problems in the background art of poor scalability, a complex key negotiation process, relatively low security, the possibility that the access requester cannot verify the validity of the AIK certificate, and unequal platform integrity assessment.


Embodiment Construction

[0043] Referring to Figure 2, the present invention is mainly composed of three logical entities: an access requester AR, an access controller AC and a policy manager PM, which can be distributed anywhere in the network. The access requester AR is also called the requester, user station, etc.; the access controller AC is also called the authentication access controller, base station, access service unit, etc.; the policy manager PM is also called the authentication server, trusted server, background server, etc. The access requester AR communicates with the access controller AC over the network through a protocol interface, the access controller AC communicates with the policy manager PM over the network through a protocol interface, and the policy manager PM communicates with the access requester AR through the access controller AC.

[0044] The access requester AR is mainly composed of the network access requester NAR, the TNC client TNCC and the access requester's integrity collector IMC1. The network a...


Abstract

A trusted network connect (TNC) system based on tri-element peer authentication (TePA) is provided. A network access requestor (NAR) of an access requestor (AR) is connected to a TNC client (TNCC), and the TNCC is connected to an integrity measurement collector (IMC1) through an integrity measurement collector interface (IF-IMC). A network access controller (NAC) of an access controller (AC) is connected to a TNC server (TNCS) in a data bearer manner. The TNCS is connected to an IMC2 through the IF-IMC. A user authentication service unit (UASU) of a policy manager (PM) is connected to a platform evaluation service unit (PESU) through an integrity measurement verifier interface (IF-IMV). Thus, the technical problems in the prior art of poor extensibility, a complex key agreement process, and low security are solved. TePA is adopted in both the network access layer and the integrity evaluation layer to implement mutual user authentication and platform integrity evaluation, so that the security of the entire TNC architecture is improved.

Description

Technical field

[0001] The invention belongs to the technical field of network security, and in particular relates to a trusted network connection system based on ternary peer-to-peer authentication.

Background technique

[0002] With the development of informatization, the problem of malicious software such as viruses and worms has become extremely prominent. There have been more than 35,000 kinds of malicious software, and more than 40 million computers are infected every year. To contain such attacks, it is necessary not only to solve the problems of secure transmission and data input checks, but also to start defense at the source, that is, at every terminal connected to the network. However, traditional security defense technologies have been unable to defend against the wide variety of malicious attacks.

[0003] In response to this problem, the international Trusted Computing Group (TCG) has specially formulated a network connection specification based on trusted co...


Application Information

Patent Type & Authority: Patents (China)
IPC(8): H04L9/32, H04L29/06, G06F21/00, G06F21/31, G06F21/33, G06F21/44
CPC: H04L63/061, H04L9/3263, H04L2209/127, H04L63/10, H04L63/08, H04L9/321, H04L63/20, H04L63/0869, H04L63/0876
Inventor: 肖跃雷, 曹军, 赖晓龙, 黄振海
Owner: CHINA IWNCOMM