Reliable network access framework

Abstract

Frame of the invention includes three entities: accessing requestor, accessing controller, and strategy manager. The strategy manager manages the accessing requestor and the accessing controller as well as implements bidirectional user ID authentication between them, and evaluates integrality of platform. Based on decision made from the strategy manager, the accessing requestor and the accessing controller control local ports. Before terminal is connected to network, trusty network connection architecture (TNCA) measures state of platform. Based on secure protocol of trusty third party, the invention implements the said authentication and evaluation of platform so as to guarantee security of TNCA. Introducing strategy manager simplifies key management of the architecture, raises extensibility of the architecture. Features are: higher security for evaluating integrality of platform, centralized verifying integrality, and higher universality.

Description

technical field

[0001] The invention relates to a computer network frame, a gateway, a network communication specification, and a computer program, in particular to a trusted network access frame and its core equipment, belonging to the field of information security. Background technique

[0002] With the gradual development of informatization, the impact of computer networks on human beings has become more and more profound, and information security has become an important social issue. When talking about information security, people often think of resisting attacks and invasions from viruses and hackers outside the computer, and then think of antivirus software and "firewalls", but they often ignore attacks from inside the network. According to the statistics of the international security community, 80% of the attacks and damages suffered by various computer networks come from inside. At present, the information security measures in the industry are mainly the "old three ...

Images