A trusted network connection system for security enhancement

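A network connection and security technology, applied in the field of trusted network connection systems, that addresses problems such as unequal platform integrity evaluation, the low security of the background art, and the inability to verify the validity of AIK certificates, with the effect of simplifying key management and the integrity verification mechanism and improving security.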

Active Publication Date: 2008-08-13
CHINA IWNCOMM

AI Technical Summary

Problems solved by technology

[0012] The purpose of the present invention is to provide a trusted network connection system with enhanced security, which solves the following problems in the background art: security is relatively low, the access requester AR may not be able to verify the validity of the AIK certificate, and the platform integrity evaluation is unequal.



Embodiment Construction

[0034] Since most existing networks, especially wired networks, are deployed using the TCG-TNC architecture, the present invention is a trusted network connection architecture with enhanced security built on the TCG-TNC architecture.

[0035] Referring to Fig. 2, the present invention is mainly composed of four logical entities: an access requester AR, a policy enforcement point PEP, an access authorizer AA and a policy manager PM, which can be distributed anywhere in the network. The access requester AR is also called the requester, user station, etc., and the policy manager PM is also called the authentication server, trusted server, background server, etc. The access requester AR and the policy enforcement point PEP are network-connected through the authentication protocol, the policy enforcement point PEP and the access authorizer AA are network-connected through the policy enforcement interface IF-PEP, and the access requester AR and the access authoriz...


Abstract

The invention relates to a security-enhanced trusted network connection system. The access requester is network-connected with a policy enforcement point by means of an authentication protocol. The access requester is network-connected with an access authorizer through a network authorizing transmission protocol interface, an integrity evaluation interface and an integrity measurement interface. The policy enforcement point is network-connected with the access authorizer through a policy implementation interface. The access authorizer is network-connected with a policy manager through a user identification authorization interface, a platform evaluation authorization interface and an integrity measurement interface. The access requester is network-connected with the policy manager through an integrity measurement interface. The invention solves the following technical problems: low security, the inability of the access requester to verify the validity of the AIK certificate, and the non-equivalence of platform integrity evaluation. The invention employs a three-element equivalent identification protocol in the network access layer and the integrity evaluation layer, which improves the whole trusted network connection architecture and extends the application scope of trusted network connection.

Description

Technical field

[0001] The invention belongs to the technical field of network security, and in particular relates to a trusted network connection system with enhanced security.

Background technique

[0002] With the development of informatization, the problems of malicious software such as viruses and worms are extremely prominent. There have been more than 35,000 kinds of malicious software, and more than 40 million computers are infected every year. To contain such attacks, it is necessary not only to solve the problem of secure transmission and data input checks, but also to start defense from the source, that is, from every terminal connected to the network. However, traditional security defense technologies have been unable to defend against a wide variety of malicious attacks.

[0003] In response to this problem, the International Trusted Computing Group TCG has specially formulated a network connection specification based on trusted computing technology - Trusted ...


Application Information

Patent Type & Authority: Applications (China)
IPC(8): H04L29/06
CPC: H04L63/0823, H04L63/0876, H04L63/102, H04L63/126, H04L63/20, H04L9/0844, H04L9/3263, H04L41/0894, H04L41/0893
Inventor: 肖跃雷, 曹军, 赖晓龙, 黄振海
Owner: CHINA IWNCOMM