
Architecture accessing trusted network for tolerating untrusted components and access method thereof

A trusted network access technology that tolerates untrusted components, applied in the field of trusted network access architecture. It addresses the problems of overly complex protocols, restricted TNC application, and failure to consider the security of policy enforcement points, and achieves improved flexibility and convenience, realizability, and enhanced security.

Active Publication Date: 2010-07-14
ZHENGZHOU XINDA JIEAN INFORMATION TECH

AI Technical Summary

Problems solved by technology

[0021] However, the TNC specified by the TCG focuses only on verifying the integrity of the access terminal and does not consider the security issues that arise when the policy enforcement point is attacked or destroyed. For this reason, the China Trusted Alliance proposed an access control method based on ternary peer-to-peer authentication, which strengthens the integrity protection of policy enforcement points, but its protocol is too complicated.
On the other hand, the integrity reference value of each component of the TNC platform is the benchmark for trusted measurement. After a component is upgraded or revised, it cannot be deployed quickly, which seriously restricts the application of TNC.


Embodiment Construction

[0069] The following takes the public security information network as an example to illustrate the network deployment architecture and working principles of the trusted network access architecture that tolerates untrusted components when accessing the public security information private network, as shown in Figure 5. The entire architecture is divided into two parts: the access network and the public security information network. The two networks exchange data through a data security exchange platform, which prevents attacks based on protocol loopholes or protocol defects and ensures the security of the public security information network. The access network includes trusted mobile terminals, trusted access gateways, authentication management servers, and audit monitoring servers.

[0070] The terminal is a mobile terminal device such as a mobile phone or a notebook equipped with a secure SIM card or PCMCIA card. These se...


Abstract

The invention relates to a network connection method, in particular to an architecture for trusted network connection between a terminal with a TPM function and a computer network, and to an access method thereof. The architecture consists of five parts: a trusted terminal that tolerates untrusted components, a trusted access gateway, an authentication policy management server, a component information collecting and publishing node (MAP), and a secure data exchange platform. An embedded trusted system layer added to the trusted terminal is an independent and complete system on chip (SoC) that is not influenced or controlled by the upper-layer operating system, which makes the architecture more readily realizable. The trusted access gateway and the trusted terminal use bidirectional non-equivalent trusted evaluation. A data exchange platform is additionally arranged between the trusted terminal and the trusted access gateway; it can only exchange data of uniform format and transparent structure at the raw data level, so as to prevent attacks based on protocol defects. The invention therefore provides a stronger security protection mechanism for the network.

Description

Technical field:

[0001] The present invention relates to a network connection method, in particular to a trusted network access architecture and access method, for a terminal with a TPM function and a computer network, that can tolerate untrusted components.

Background technique:

[0002] As shown in Figure 1, Trusted Network Connect (TNC) is formulated by the TCG organization to ensure a trusted network connection between a terminal with a TPM and a computer network. Trusted network connection collects and verifies the integrity information of the requester through the network access request, evaluates the information according to certain security policies, and decides whether to allow the requester to connect to the network, thereby ensuring the credibility of the network connection. The TNC architecture ensures that the information sent from the terminal to the server is credible, so there is no possibility of the attacked terminal providing false information. ...
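The integrity check described in the background, as an added example that is not taken from the patent: a policy decision replays a terminal's measurement log into a PCR value, compares it with the value the TPM quoted, and then checks each component digest against its integrity reference value. The component names, the SHA-256 PCR bank and the allow/deny outcome are assumptions, and the quote's signature is assumed to have been verified already.

```python
import hashlib

def extend(pcr: bytes, digest: bytes) -> bytes:
    """TPM-style extend: new PCR = SHA-256(old PCR || measurement digest)."""
    return hashlib.sha256(pcr + digest).digest()

def replay(event_log) -> bytes:
    """Recompute the PCR value that a measurement log implies, starting from zeros."""
    pcr = bytes(32)
    for _name, digest in event_log:
        pcr = extend(pcr, digest)
    return pcr

def evaluate(event_log, quoted_pcr: bytes, reference: dict):
    """Policy decision for one access request: ("allow" | "deny", reasons)."""
    # 1. The log must reproduce the PCR value the TPM quoted; otherwise the
    #    terminal is reporting components other than the ones it measured.
    if replay(event_log) != quoted_pcr:
        return "deny", ["event log does not match quoted PCR"]
    # 2. Every measured component must match its integrity reference value.
    reasons = []
    for name, digest in event_log:
        expected = reference.get(name)
        if expected is None:
            reasons.append(f"{name}: no reference value")
        elif digest != expected:
            reasons.append(f"{name}: digest mismatch")
    return ("deny" if reasons else "allow"), reasons

def _d(blob: bytes) -> bytes:
    return hashlib.sha256(blob).digest()

# Constructed sample data (hypothetical component names and contents).
REFERENCE = {"bootloader": _d(b"bootloader v1"), "vpn-client": _d(b"vpn-client v1")}
LOG_V1 = [("bootloader", _d(b"bootloader v1")), ("vpn-client", _d(b"vpn-client v1"))]
LOG_V2 = [("bootloader", _d(b"bootloader v1")), ("vpn-client", _d(b"vpn-client v2"))]

if __name__ == "__main__":
    print(evaluate(LOG_V1, replay(LOG_V1), REFERENCE))   # known-good terminal
    print(evaluate(LOG_V2, replay(LOG_V2), REFERENCE))   # upgraded, stale reference
    print(evaluate(LOG_V1, replay(LOG_V2), REFERENCE))   # log hides the upgrade
```

The second case shows why stale reference values block deployment: an honestly reported upgrade is denied until the reference entry for that component is updated.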


Application Information

IPC(8): H04L29/06, H04W12/08, H04W12/069
Inventor: 董建强, 常朝稳, 司志刚, 秦晰, 赵国磊, 梁松涛, 廖正赟, 王一宁, 刘熙胖
Owner ZHENGZHOU XINDA JIEAN INFORMATION TECH