
A high-concurrency policy decision-making system, trusted network system and access method

A policy decision-making and network system technology, applied to high-concurrency policy decision-making systems, that addresses problems such as system delay and improves efficiency.

Active Publication Date: 2021-11-09
SHANDONG CHAOYUE DATA CONTROL ELECTRONICS CO LTD

AI Technical Summary

Problems solved by technology

[0006] The technical task of the present invention is to address the above deficiencies and provide a high-concurrency policy decision-making system, a trusted network system and an access method, in order to avoid the system delays that occur when large numbers of terminals access a trusted network.


Examples


Embodiment 1

[0046] A high-concurrency policy decision-making system of the present invention includes an authentication server and a task scheduling server. There are multiple types of authentication servers, each corresponding to a different type of authentication process; together they provide user identity authentication and platform integrity authentication. The kernel layer of the task scheduling server is configured with a network card driver module and a netfilter module, and the application layer of the task scheduling server is configured with a user space process. The netfilter module is connected to each of the above authentication servers and forwards the access authentication request of an AR to the corresponding authentication server according to the type of authentication process. The user space process is connected to the netfilter module through the netlink interface to receive the access authentication request, record the AR corresponding to the authen...

Embodiment 2

[0052] A highly concurrent trusted network architecture system of the present invention includes AR, PEP and PDP.

[0053] There are multiple ARs. The ARs run on the access endpoint device to obtain the security status information of the access endpoint device and submit an access authentication request. The security status information is the integrity information collected by the integrity collector IMC (Integrity Measurement Collectors) configured on the access endpoint device.

[0054] That is, an integrity collector and multiple ARs are configured on the access endpoint device, and the client collects information through the integrity collector IMC (Integrity Measurement Collectors), and then sends it to the server through the AR module.

[0055] The PEP is connected to the above-mentioned multiple ARs through a switch to receive security status information and access authentication requests, and the relevant port of the switch is configured with 802.1X protoco...

Embodiment 3

[0065] A high-concurrency trusted network access method of the present invention constructs the high-concurrency trusted network system disclosed in Embodiment 1 as a PDP, forwards the AR's access authentication request to the authentication server of the corresponding type through the PDP, summarizes the authentication results of the various authentication servers to generate a trusted network decision, and uses the PEP to judge, based on that decision, whether the AR is connected to the trusted network.

[0066] The workflow of this method is:

[0067] S100. Receive the access authentication request of the AR through the netfilter module, and determine the authentication process type of the access authentication request;

[0068] S200. According to the authentication process type of the access authentication request, forward the access authentication request to the corresponding authentication server through the netfilter module;

[0069] Based on the netlink mechanism, the a...
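The dispatch in S100 and S200 and the aggregation of results into a trusted network decision can be modelled in user space as follows. This is an added example, not code from the patent; the identifiers, the table indexed by AR number, the one-server-per-type mapping and the rule that a missing or failed result never yields an allow are assumptions.

```c
#include <stdio.h>

/* Authentication process types named in Embodiment 1 (identifiers assumed). */
enum auth_type { AUTH_USER_IDENTITY, AUTH_PLATFORM_INTEGRITY, AUTH_TYPE_COUNT };
enum auth_result { RES_PENDING = 0, RES_PASS, RES_FAIL };
enum decision { DECISION_PENDING, DECISION_ALLOW, DECISION_DENY };
#define MAX_AR 8 /* constructed: ARs are identified by a small table index */
/* State recorded by the user space process: one result slot per AR and type. */
static int known[MAX_AR];
static enum auth_result results[MAX_AR][AUTH_TYPE_COUNT];

static int valid(unsigned ar, int type) {
    return ar < MAX_AR && type >= 0 && type < AUTH_TYPE_COUNT;
}

/* S100 + S200: classify the request; returns the server index or -1. */
int dispatch(unsigned ar, int type) {
    if (!valid(ar, type)) return -1;
    known[ar] = 1;
    results[ar][type] = RES_PENDING; /* a new request voids any earlier result */
    return type;                     /* assumption: one server per type */
}

/* Result reported by an authentication server; rejected for an unknown AR. */
int record_result(unsigned ar, int type, int passed) {
    if (!valid(ar, type) || !known[ar]) return -1;
    results[ar][type] = passed ? RES_PASS : RES_FAIL;
    return 0;
}

/* Aggregate: any failure denies; allow only once every type has passed. */
enum decision decide(unsigned ar) {
    int pending = 0;
    if (ar >= MAX_AR || !known[ar]) return DECISION_DENY; /* fail closed */
    for (int t = 0; t < AUTH_TYPE_COUNT; t++) {
        if (results[ar][t] == RES_FAIL) return DECISION_DENY;
        if (results[ar][t] == RES_PENDING) pending = 1;
    }
    return pending ? DECISION_PENDING : DECISION_ALLOW;
}

int main(void) {
    dispatch(1, AUTH_USER_IDENTITY);
    record_result(1, AUTH_USER_IDENTITY, 1);
    printf("identity only: %d\n", (int)decide(1)); /* integrity never ran */
    dispatch(1, AUTH_PLATFORM_INTEGRITY);
    record_result(1, AUTH_PLATFORM_INTEGRITY, 1);
    printf("both passed:   %d\n", (int)decide(1));
    return 0;
}
```

Because an unrequested authentication type stays in the pending state, an AR that completes only one of the two processes is never admitted by this model.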


Abstract

The invention discloses a high-concurrency policy decision-making system, a trusted network system and an access method, which belong to the field of trusted network access. The technical problem to be solved is how to avoid the system delays that occur when large numbers of terminals access a trusted network. The structure of the policy decision-making system includes: multiple types of authentication servers; and a task scheduling server whose kernel layer is configured with a network card driver module and a netfilter module, and whose application layer is configured with a user space process. The trusted network system includes a PEP, a PDP and multiple ARs. The PDP is the high-concurrency policy decision-making system, and the PDP is connected to the PEP through the task scheduling server. The PDP forwards the AR's access authentication request to the authentication server of the corresponding type through the netfilter module in the task scheduling server, and summarizes the authentication results of the various authentication servers to generate a trusted network decision.

Description

Technical field

[0001] The invention relates to the field of trusted network access, in particular to a high-concurrency policy decision-making system, a trusted network system and an access method.

Background

[0002] TNC (Trusted Network Connect), a branch of the TCG (Trusted Computing Group), is responsible for the trusted access of network terminals.

[0003] A trusted network authenticates the user's identity before the terminal connects to the network. If that authentication passes, the identity of the terminal platform is authenticated. If that authentication passes, the trusted status of the terminal platform is measured. If the measurement result meets the security policy of the network connection, the terminal is allowed to connect to the network, otherwise the terminal is connected to ...


Application Information

Patent Type & Authority: Patents (China)
IPC(8): H04L29/06
CPC: H04L63/08, H04L63/123
Inventors: 李文通, 孙大军, 路永轲, 刘洋
Owner: SHANDONG CHAOYUE DATA CONTROL ELECTRONICS CO LTD