Reliable network management method based on TCPA/TCG reliable network connection

Abstract

The invention relates to a credible network managing method connected based on TCPA / TGG credible network. An credible managing agent and a credible managing system are respectively mounted and arranged on a managed host computer and a managing host computer and are validated to be locally credible, when the managed host computer and the managing host computer are not connected to a credible network, the computers are connected to the credible network based on a connecting method of TCPA / TGG credible network, then execute discrimination and key negotiating process of the credible managing agent and the credible managing system. When the managed host computer and the managing host computer do not complete user discrimination and the key negotiating process, the computers execute the user discrimination and the key negotiating process, then realize remote confidence of the credible managing agent and the credible managing system, finally execute network management. According to the invention, attack is initiatively defended, safety of a credible network management framework is enhanced, credible network management of distributed control and centralized management is realized.

Description

technical field [0001] The invention relates to a trusted network management method based on TCPA / TCG (Trusted Computing Platform Alliance / Trusted Computing Group) trusted network connection. Background technique [0002] The concept of network management is gradually recognized and familiar with the development of the Internet. In the early days, Internet access nodes were relatively small, and the structure was very simple, most of which were flat structures. Therefore, management related to network fault detection and performance monitoring was relatively simple and easy to implement. However, with the continuous development of the network, in the face of the continuous emergence of new network technologies and the continuous renovation of network products, it is becoming more and more difficult to plan and expand the network. How to maximize the effectiveness of each component of the network and how to maintain good reliability of the network And higher efficiency, thes...

AI Technical Summary

Problems solved by technology

[0005] 1. The host where the proxy resides may attack the proxy, and the existing detection-based methods cannot guarantee the security of the proxy;

[0006] 2. The agent may also attack the resident host, such as the agent illegally accessing some private information of the resident host, etc. For such attacks, only intrusion detection technology is currently used for passive defense;

[0007] 3. Network management users completely trust the administrator system, which is not safe

Because the administrator system may be controlled by viruses, Trojan horses, etc., the administrator system does not work according to the wishes of network management users, thus losing the management and control of the network;

[0008] 4. The managed host completely trusts the manager system, which is also unsafe

Images