Trusted network architecture based on identity

A trusted network architecture, applied in the field of information security, that addresses problems such as difficulty of implementation.

Inactive Publication Date: 2009-05-06
冯振周

AI Technical Summary

Problems solved by technology

On the Internet, evaluating the security of a terminal, collecting the terminal's security status information, deciding who collects it, and deciding who formulates the security policy are all difficult to implement. Security information is also a relatively sensitive matter that involves personal privacy. Furthermore, even if users do not care about privacy, trusted terminals rely on PTM modules and all internal information is encrypted, so security information is available only through a reporting system; how reliable is this reporting system, and how does the measurement platform confirm that the information is not false? Third, the trusted network architecture and technical specifications still use existing basic technology without any innovation or breakthrough. This is the fundamental reason why no decent product has entered the market since the introduction of the TNC architecture.


Examples


Embodiment 1

[0047] The trusted network architecture of the present invention is further described below in conjunction with the drawings and embodiments.

Embodiment 1, device-centric trusted network architecture

[0048] The device-centered trusted network architecture is shown in Figure 2. In this trusted network architecture, all network terminals and hosts adopt a hardware motherboard structure with a PTM trusted computing module, and the system software is equipped with security policy manager components, security supervision components and mandatory access control components. Together these form a trusted network architecture composed of trusted computing terminals, trusted hosts and security policy servers.

[0049] In the initial state, users with trusted terminals must register at the registration center of the security policy service provider before they can access the trusted network and automatically obtain the latest security policies and virus protection technologies from the security policy service ...

Embodiment 2

[0068] Embodiment 2, human-centered trusted network architecture

[0069] This embodiment is shown in Figure 3. It differs from Embodiment 1 in that, in this mode of trusted network, terminals do not need to be replaced with computers equipped with a trusted computing module PTM; instead they use post-installed security component software and a separate network ID card. When the network ID card is separated from the terminal, the terminal is an ordinary computer. When the network ID card is inserted into the USB or sensor interface of the computer, the ordinary terminal becomes a trusted terminal. This design supports user mobility and compatibility with the existing network infrastructure and users' computers, so that users can enjoy the security and convenience of trusted networks at the lowest cost.

[0070] The implementation process of the human-centered trusted network architecture will be described in detail below with reference to FIG. 3 .

[0071] In t...


Abstract

An identity-based trusted network architecture, belonging to the technical field of information security, comprises three layers and three entities. The three layers are a physical transmission layer, a network layer and an application program layer; the three entities are a network access sponsor, a network access controller and a security policy server. The architecture adopts a vector encryption authentication mechanism based on the identities of accessors, which guarantees that every request from a network accessor is an encrypted data stream bound to the accessor entity. As long as the access controller uses its own identity label and the identity information of the access requester to decrypt the request data and obtain the correct verification value, bidirectional peer identity authentication is realized. Permissions and content are then evaluated and checked by the access control components and security monitoring components, so that all accepted access requests are safe and unsafe access requests are refused, thereby realizing the trusted network architecture.
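An added sketch, not taken from the patent, of the identity-bound check the abstract describes: the controller derives a key from its own identity label and the requester's claimed identity, recomputes the verification value, proves its own identity back, and only then applies policy. The page does not specify the "vector encryption" scheme, so HMAC-SHA256 keyed from a registration secret stands in for it; all names (`pair_key`, `AccessController`, `make_request`, `controller_is_genuine`) are hypothetical.

```python
import hashlib
import hmac
import os

def pair_key(secret: bytes, requester_id: str, controller_id: str) -> bytes:
    # Key is bound to BOTH identities; length prefixes avoid ambiguous concatenation.
    ids = b"".join(len(i.encode()).to_bytes(2, "big") + i.encode()
                   for i in (requester_id, controller_id))
    return hmac.new(secret, ids, hashlib.sha256).digest()

def _tag(key: bytes, label: bytes, nonce: bytes, body: bytes = b"") -> bytes:
    # Fixed label and fixed 16-byte nonce keep request and response tags distinct.
    return hmac.new(key, label + nonce + body, hashlib.sha256).digest()

def make_request(secret, requester_id, controller_id, resource: str) -> dict:
    key = pair_key(secret, requester_id, controller_id)
    nonce = os.urandom(16)
    return {"from": requester_id, "resource": resource, "nonce": nonce,
            "check": _tag(key, b"req", nonce, resource.encode())}

class AccessController:
    def __init__(self, controller_id, secrets, policy):
        self.id, self.secrets, self.policy = controller_id, secrets, policy
        self.seen = set()  # nonces already accepted (replay defence)

    def handle(self, req: dict):
        """Return (decision, controller_proof)."""
        secret = self.secrets.get(req["from"])
        if secret is None:
            return "deny:unknown-identity", None
        key = pair_key(secret, req["from"], self.id)
        expected = _tag(key, b"req", req["nonce"], req["resource"].encode())
        if not hmac.compare_digest(expected, req["check"]):
            return "deny:bad-check-value", None
        if req["nonce"] in self.seen:
            return "deny:replay", None
        self.seen.add(req["nonce"])
        proof = _tag(key, b"resp", req["nonce"])  # lets the requester authenticate us
        if req["resource"] not in self.policy.get(req["from"], set()):
            return "deny:policy", proof
        return "allow", proof

def controller_is_genuine(secret, requester_id, controller_id, req, proof) -> bool:
    key = pair_key(secret, requester_id, controller_id)
    expected = _tag(key, b"resp", req["nonce"])
    return proof is not None and hmac.compare_digest(proof, expected)
```

Authentication runs before the policy lookup, so an unauthenticated caller learns nothing about which resources an identity may reach.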

Description

Technical field

[0001] The invention belongs to the technical field of information security, and in particular relates to an identity-based trusted network connection architecture.

Background technique

[0002] At present, the well-known trusted network connection specifications and architectures include TCG-TNC (Trusted Network Connect) of the international Trusted Computing Group (TCG). TNC includes an open terminal integrity architecture and a set of technical standards to ensure safe interoperability. The essence of this standard is to establish trusted network connections from trusted terminals. It uses the trusted computing platform module PTM to arm all terminals and hosts, and deploys trusted measurement platforms, security policy platforms, and access control platforms inside trusted networks. It first authenticates the device and identity of the terminal accessing the trusted network, then collects the security status information of the ter...


Application Information

Patent Type & Authority: Applications (China)
IPC (8): H04L9/32, H04L29/06, H04L12/56
Inventor: 冯振周, 冯龙, 冯帆
Owner: 冯振周