System and method for dynamic cross-domain access control based on trusted network connection

A technology of network access control and network access, which is applied in the field of dynamic cross-domain access control system, can solve problems such as inability to guarantee security and credibility, and lack of network fine-grained division, so as to achieve the effect of ensuring security

Active Publication Date: 2015-05-13
SHANDONG LANGCHAO YUNTOU INFORMATION TECH CO LTD
View PDF6 Cites 14 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0005] The technical problem to be solved by the present invention is: the current trusted network only performs identity authentication and integrity measurement on the terminal when the terminal accesses the network, and cannot guarantee the security and credibility of the terminal after accessing the network, and does not perform fine-grained After the terminal is connected to the network, it can freely access all resources in the network

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • System and method for dynamic cross-domain access control based on trusted network connection
  • System and method for dynamic cross-domain access control based on trusted network connection

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0037] Below with reference to shown in accompanying drawing, the present invention is further described by specific embodiment:

[0038] In order to realize dynamic cross-domain access control of terminals, it is first necessary to divide the network into different security and trusted domains according to the security level, such as figure 1 As shown, the specific process is as follows:

[0039] Step V101: Divide the network into different Vlans through the switch, and the Vlans cannot communicate with each other;

[0040] Step V102: Configure the network security policy on the network access decision maker, configure the terminal security and trusted policy through the configuration file, including the expected measurement value of the terminal key file, network port, service process, etc., and configure the security level corresponding to each security and trusted policy ;

[0041] Step V103: Configure the specific Vlan corresponding to the security policy level at the n...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses a system for dynamic cross-domain access control based on trusted network connection. The system comprises a trusted network access requester, a network access decision-maker and a network access controller, wherein the network access decision-maker moves the requester into different safety trusted domains according to the state of the network access requester, so as to achieve dynamic cross-domain access control. The invention further discloses a method for dynamic cross-domain access control based on trusted network connection, and according to the method, platform identity authentication and integrity measurement are carried out by using a domestic TCM chip to rank the network according to safety trusted levels, and the access of the network by a terminal is limited according to the terminal identity authentication and integrity measurement results. According to the invention, dynamic cross-domain access control is set up on the basis of trusted network connection, and the terminal is put in the network domains of different safety levels in a dynamic manner according to the safety trusted status of the terminal in time, so that the safe and trusted access of the network is guaranteed.

Description

technical field [0001] The invention relates to the technical field of trusted networks, in particular to a dynamic cross-domain access control system and method based on trusted network connections. Background technique [0002] With the development of informatization, the problem of malicious software (Malware, such as viruses, worms, etc.) is extremely prominent. The amount of malware is increasing day by day, the number of computers are infected every year, and the problems are increasing every year. Faced with such a severe situation, it is difficult for traditional defense technologies to make major breakthroughs. It is necessary to solve the problem from a different angle, not only to solve the problem of secure transmission and data input checks, but also to start from the source, that is, from each It starts from the terminal connected to the network to curb malicious attacks. [0003] Trusted Network Connection (TNC) is essentially to establish a secure and trust...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06
CPCH04L63/02H04L63/105H04L63/18
Inventor 郭猛善冯磊
Owner SHANDONG LANGCHAO YUNTOU INFORMATION TECH CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap