WO2010121474A1 - A platform authentication management method suitable for a tri-element peer authentication trusted network connection architecture - Google Patents

一种适合三元对等鉴别可信网络连接架构的平台鉴别管理方法 (A platform authentication management method suitable for a tri-element peer authentication trusted network connection architecture)

Info

Publication number: WO2010121474A1
Application number: PCT/CN2009/075644
Authority: WO (WIPO, PCT)
Prior art keywords: access, integrity, tnc, network connection, platform authentication
Other languages: English (en), French (fr)
Inventors: 肖跃雷, 曹军, 葛莉, 黄振海
Original assignee: 西安西电捷通无线网络通信有限公司

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L 9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L 9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L 63/00 Network architectures or network communication protocols for network security
    • H04L 63/08 Network architectures or network communication protocols for network security for authentication of entities
    • H04L 63/0876 Network architectures or network communication protocols for network security for authentication of entities based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint

Definitions

  • The present invention relates to a platform authentication management method suitable for a tri-element peer authentication (TePA) trusted network connection (TNC) architecture.
  • Background: malware such as viruses and worms has become a serious problem. More than 35,000 kinds of malware have appeared, and more than 40 million computers are infected every year. Containing such attacks requires not only secure transmission and checks on data as it is input, but also defence from the source, that is, from every terminal that connects to the network. Traditional security defence technologies can no longer fend off the wide variety of malicious attacks.
  • TCG-TNC (Trusted Computing Group, Trusted Network Connect): an open terminal integrity architecture together with a set of standards that ensure secure interoperability. The standards protect a network when the user needs it, to a degree the user defines. TCG-TNC essentially establishes a connection starting from the integrity of the terminal: a policy for the operating state of systems inside the trusted network is created first, only terminals that comply with that policy may access the network, and non-compliant devices are isolated and located.
  • TPM (Trusted Platform Module): because a TPM is used, TCG-TNC can also block rootkit attacks.
  • Rootkits: attack scripts, modified system programs, or sets of attack scripts and tools used to illegally obtain the highest level of control over a target system.
  • FIG. 1 is a schematic diagram of the TCG-TNC architecture.
  • Components of the TCG-TNC architecture (FIG. 1): the Integrity Measurement Collector (IMC) and Integrity Measurement Verifier (IMV); IF-M (Vendor-Specific IMC-IMV Messages), the interface between the integrity collector and the integrity verifier; IF-TNCCS (TNC Client-TNC Server Interface), between the TNC client and the TNC server; IF-T (Network Authorization Transport Protocol), between the network access requester and the network access authority; IF-PEP (Policy Enforcement Point Interface), between the policy enforcement point and the network access authority; IF-IMC (Integrity Measurement Collector Interface), between the integrity collector and the TNC client; and IF-IMV (Integrity Measurement Verifier Interface), between the integrity verifier and the TNC server.
  • Because the access requester in TCG-TNC does not evaluate the integrity of the policy enforcement point, the policy enforcement point is not trustworthy in that architecture. A TNC architecture based on Tri-element Peer Authentication (TePA) was proposed to solve this; FIG. 2 shows it.
  • Components of the TePA-based TNC architecture (FIG. 2): IF-IM (Integrity Measurement Interface), between the integrity collector and the integrity verifier; IF-TNCCAP (TNC Client-TNC Access Point Interface), between the TNC client and the TNC access point; IF-EPS (Evaluation Policy Service Interface), between the TNC access point and the evaluation policy server; IF-TNT (Trusted Network Transport Interface), between the network access requester and the network access controller; IF-APS (Authentication Policy Service Interface), between the network access controller and the authentication policy server; IF-IMC (Integrity Measurement Collector Interface), between the integrity collector and the TNC client and between the integrity collector and the TNC access point; and IF-IMV (Integrity Measurement Verifier Interface), between the integrity verifier and the evaluation policy server.
  • In the TCG-TNC architecture of FIG. 1, platform authentication is an integrity handshake between the IMC in the access requester and the IMV in the policy decision point, and the TNC client and TNC server manage the message transport between them. Platform authentication management therefore means managing message transport between the IMC in the access requester and the IMV in the policy decision point.
  • In the TePA-based TNC architecture of FIG. 2, one platform authentication process comprises two integrity handshakes: between the IMC in the access requester and the IMV in the policy manager, and between the IMC in the access controller and the IMV in the policy manager. The TNC client, the TNC access point and the policy manager must manage both, so the TCG-TNC platform authentication management method does not apply and a method suited to the TePA-based architecture is needed.
  • The present invention provides a platform authentication management method for a TePA trusted network connection architecture that favours independent implementation of the evaluation policy server and is widely applicable.
  • The technical solution of the present invention is a method comprising the following steps:
  • Step 1: Before the trusted network connection is made, the TNC client discovers, loads and initialises the IMC in the access requester; the TNC access point discovers, loads and initialises the IMC in the access controller; and the evaluation policy server discovers, loads and initialises the IMV in the policy manager.
  • Step 2: If the access requester needs to evaluate the platform integrity of the access controller, the network access requester sends a platform authentication request to the TNC client; if the access controller needs to evaluate the platform integrity of the access requester, the network access controller sends a platform authentication request to the TNC access point.
  • Step 3: The IMC in the access requester, the TNC client, the IMC in the access controller, the TNC access point, the IMV in the policy manager and the evaluation policy server perform the platform authentication process, which includes the following management method for the platform authentication protocol:
  • Step 3.1: The TNC client, the TNC access point and the evaluation policy server execute one round of the platform authentication protocol. If the access controller needs to evaluate the platform integrity of the access requester, the TNC access point sends the TNC client the integrity measurement parameters for the access requester and obtains the integrity measurement parameters for the access requester that were actually completed; if the access requester needs to evaluate the platform integrity of the access controller, the TNC client sends the TNC access point the integrity measurement parameters for the access controller and obtains the integrity measurement parameters for the access controller that were actually completed.
  • Step 3.2: The TNC access point checks whether the integrity measurement parameters for the access requester are the same as those actually completed, and the TNC client checks whether the integrity measurement parameters for the access controller are the same as those actually completed. There are four cases:
  • Both the same: the TNC access point generates a behaviour recommendation for the access requester and sends it to the TNC client in this round of the protocol, and the TNC client generates a behaviour recommendation for the access controller and sends it to the TNC access point in this round.
  • Access requester the same, access controller different: the TNC access point generates the behaviour recommendation for the access requester and sends it to the TNC client in this round; the difference between this round's integrity measurement parameters for the access controller and those actually completed becomes the integrity measurement parameters for the access controller in the next round; jump to step 3.1.
  • Access requester different, access controller the same: the TNC client generates the behaviour recommendation for the access controller and sends it to the TNC access point in this round; the difference between this round's integrity measurement parameters for the access requester and those actually completed becomes the integrity measurement parameters for the access requester in the next round; jump to step 3.1.
  • Both different: the difference for the access requester becomes the next round's parameters for the access requester and the difference for the access controller becomes the next round's parameters for the access controller; jump to step 3.1.
  • Step 4: After the platform authentication process is completed, the TNC client sends the behaviour recommendation for the access controller to the network access requester, and the TNC access point sends the behaviour recommendation for the access requester to the network access controller.
  • Step 5: If the evaluation policy changes or the platform is repaired, jump to step 3.
  • The platform authentication process of step 3 also includes a trusted network connection management method.
  • For the first platform authentication process of a connection: when the TNC client receives the integrity measurement parameters for the access requester in the first round of the platform authentication protocol, it locally generates a network connection identifier for its connection with the TNC access point and sets the network connection status for that identifier to "created"; when the integrity handshake between the IMC in the access requester and the IMV in the policy manager begins, it sets the status to "integrity handshake". Symmetrically, when the TNC access point receives the integrity measurement parameters for the access controller in the first round, it locally generates a network connection identifier for its connection with the TNC client, sets the status to "created", and sets it to "integrity handshake" when the handshake between the IMC in the access controller and the IMV in the policy manager begins.
  • The TNC client, the TNC access point and the evaluation policy server then execute one or more rounds of the platform authentication protocol to carry out the integrity handshake between the IMC in the access requester and the IMV in the policy manager and the integrity handshake between the IMC in the access controller and the IMV in the policy manager.
  • When the TNC client receives the behaviour recommendation for the access controller in the platform authentication protocol, it sets the network connection status of its identifier to "behaviour recommendation for the access controller"; when the TNC access point receives the behaviour recommendation for the access requester, it sets the status of its identifier to "behaviour recommendation for the access requester".
  • For a later platform authentication process on the same connection, the identifiers already exist: when the TNC client receives the parameters for the access requester in the first round it only sets the status to "integrity handshake" as that handshake begins, the TNC access point does likewise for the access controller, and each side sets the status to the behaviour recommendation when it receives it.
  • The network connection identifiers generated by the TNC client and the TNC access point remain unchanged for the duration of the trusted network connection; when the access requester and the access controller disconnect, the TNC client and the TNC access point each delete the identifier they generated.
  • The platform authentication process in step 3 comprises one or more rounds of the platform authentication protocol.
  • In step 3 the evaluation policy server must locally create a session identifier to distinguish each platform authentication process or each round of the platform authentication protocol.
  • The invention favours independent implementation of the evaluation policy server: the TNC client and the TNC access point manage the network connections they establish and manage the platform authentication process, while the evaluation policy server does not participate in network connection management and only needs to identify each round of the platform authentication protocol or each platform authentication process. This allows, for example, a third-party service provider to run it, giving better scalability and centralised management.
  • The invention is widely applicable: a platform authentication process can be completed in a single round of the platform authentication protocol or in several rounds, which suits the requirements of different network devices.
  • FIG. 1 is a schematic diagram of a TCG-TNC architecture in the prior art.
  • FIG. 2 is a schematic diagram of a TePA-based TNC architecture in the prior art.
  • FIG. 3 is a flowchart of the platform authentication management method of the present invention for a tri-element peer authentication trusted network connection architecture.
  • Detailed description: a trusted network connection process can be completed through multiple platform authentication processes, and each platform authentication process can include one or more rounds of the platform authentication protocol.
  • FIG. 3 shows the method, whose steps 1 to 5 are those of the technical solution: the TNC client, the TNC access point and the evaluation policy server discover, load and initialise their IMC and IMV (step 1); the network access requester or the network access controller requests platform authentication (step 2); the parties run rounds of the platform authentication protocol, in each round sending the integrity measurement parameters for the peer, obtaining the parameters actually completed, generating a behaviour recommendation for a peer whose parameters are complete, and carrying any difference forward as that peer's parameters for the next round until both sides are complete (step 3); the recommendations are passed to the network access requester and the network access controller (step 4); and the process is repeated from step 3 when the evaluation policy changes or the platform is repaired (step 5).
  • If the platform authentication process in step 3 is the first one of the method: when the TNC client receives the integrity measurement parameters for the access requester in the first round, it locally generates the network connection identifier with the TNC access point, sets its status to "created", and sets it to "integrity handshake" when the handshake between the IMC in the access requester and the IMV in the policy manager begins; the TNC access point does the same for its identifier with the TNC client when it receives the parameters for the access controller. The TNC client, the TNC access point and the evaluation policy server then execute the rounds of the protocol that carry out the two integrity handshakes; when the TNC client receives the behaviour recommendation for the access controller it sets the status of its identifier to that recommendation, and when the TNC access point receives the behaviour recommendation for the access requester it sets the status of its identifier to that recommendation.
  • If the platform authentication process in step 3 is not the first one: the identifiers already exist, so the TNC client only sets the status to "integrity handshake" when the handshake between the IMC in the access requester and the IMV in the policy manager begins, the TNC access point does likewise when the handshake for the access controller begins, the rounds of the protocol are executed, and each side sets the status to the behaviour recommendation it receives.
  • The network connection identifiers generated in the first platform authentication process remain unchanged for the duration of the trusted network connection; when the access requester and the access controller disconnect, the TNC client and the TNC access point each delete the identifier they generated.
  • Because the evaluation policy server does not participate in network connection management, it must locally create a session identifier to distinguish the platform authentication processes or the rounds of the platform authentication protocol within the trusted network connection.
  • The storage medium referred to includes any medium that can store program code, such as a ROM, a RAM, a magnetic disk or an optical disk.

Description

A platform authentication management method suitable for a tri-element peer authentication trusted network connection architecture. This application claims priority to Chinese patent application No. 200910022118.3, filed with the Chinese Patent Office on 21 April 2009 and entitled "一种适合三元对等鉴别可信网络连接架构的平台鉴别管理方法" (A platform authentication management method suitable for a tri-element peer authentication trusted network connection architecture), the entire contents of which are incorporated herein by reference.

Technical Field

The present invention relates to a platform authentication management method suitable for a tri-element peer authentication trusted network connection architecture.

Background Art

With the continuing development of information technology, the problem of malware such as viruses and worms has become acute. More than 35,000 kinds of malware have already appeared, and more than 40 million computers are infected every year. Containing such attacks requires not only secure transmission and checks on data as it is input, but also defence from the source, that is, from every terminal connected to the network. Traditional security defence technologies can no longer fend off the wide variety of malicious attacks.

To address this problem, the Trusted Computing Group (TCG) has drawn up a network connection specification based on trusted computing technology, Trusted Network Connect (TNC), abbreviated TCG-TNC, which includes an open terminal integrity architecture and a set of standards that ensure secure interoperability. These standards can protect a network when the user needs it, to a degree the user defines. TCG-TNC essentially establishes a connection starting from the integrity of the terminal. First, a policy for the operating state of systems inside the trusted network is created. Only terminals that comply with the network's policy may access the network; the network isolates and locates devices that do not comply. Because a Trusted Platform Module (TPM) is used, rootkit attacks can also be blocked. A rootkit is an attack script, a modified system program, or a set of attack scripts and tools used to illegally obtain the highest level of control over a target system.

FIG. 1 is a schematic diagram of the TCG-TNC architecture. For a particular vendor's Integrity Measurement Collector (IMC) and Integrity Measurement Verifier (IMV), the message exchange interface (Vendor-Specific IMC-IMV Messages, IF-M) is the interface between the integrity collector and the integrity verifier; the TNC Client-TNC Server Interface (IF-TNCCS) is the interface between the TNC client and the TNC server; the Network Authorization Transport Protocol (IF-T) is the interface between the network access requester and the network access authority; the Policy Enforcement Point interface (IF-PEP) is the interface between the policy enforcement point and the network access authority; the Integrity Measurement Collector Interface (IF-IMC) is the interface between the integrity collector and the TNC client; and the Integrity Measurement Verifier Interface (IF-IMV) is the interface between the integrity verifier and the TNC server.

However, because the access requester in the TCG-TNC architecture of FIG. 1 does not evaluate the integrity of the policy enforcement point, that architecture suffers from an untrustworthy policy enforcement point. To solve this problem, a TNC architecture based on Tri-element Peer Authentication (TePA) has been proposed. FIG. 2 is a schematic diagram of the TePA-based TNC architecture.

In FIG. 2, the Integrity Measurement Interface (IF-IM) is the interface between the integrity collector and the integrity verifier; the TNC Client-TNC Access Point Interface (IF-TNCCAP) is the interface between the TNC client and the TNC access point; the Evaluation Policy Service Interface (IF-EPS) is the interface between the TNC access point and the evaluation policy server; the Trusted Network Transport Interface (IF-TNT) is the interface between the network access requester and the network access controller; the Authentication Policy Service Interface (IF-APS) is the interface between the network access controller and the authentication policy server; the Integrity Measurement Collector Interface (IF-IMC) is the interface between the integrity collector and the TNC client, and between the integrity collector and the TNC access point; and the Integrity Measurement Verifier Interface (IF-IMV) is the interface between the integrity verifier and the evaluation policy server.

In the TCG-TNC architecture of FIG. 1, the platform authentication process is an integrity handshake between the IMC in the access requester and the IMV in the policy decision point, with the TNC client and the TNC server managing the message transport between them; that is, platform authentication management means managing message transport between the IMC in the access requester and the IMV in the policy decision point. In the TePA-based TNC architecture of FIG. 2, however, one platform authentication process includes an integrity handshake between the IMC in the access requester and the IMV in the policy manager and an integrity handshake between the IMC in the access controller and the IMV in the policy manager, so the TNC client, the TNC access point and the policy manager must manage two integrity handshakes. The platform authentication management method of the TCG-TNC architecture of FIG. 1 therefore cannot be applied to the TePA-based TNC architecture, and a platform authentication management method suited to the TePA-based TNC architecture needs to be designed.

Summary of the Invention
To solve the above technical problems of the background art, the present invention provides a platform authentication management method suitable for the tri-element peer authentication trusted network connection architecture, which favours independent implementation of the evaluation policy server and is widely applicable.
The technical solution of the present invention is as follows. The present invention provides a platform authentication management method suitable for the tri-element peer authentication trusted network connection architecture, comprising the following steps:
Step 1. Before the trusted network connection is made, the TNC client discovers, loads and initializes the IMC in the access requester, the TNC access point discovers, loads and initializes the IMC in the access controller, and the evaluation policy server discovers, loads and initializes the IMV in the policy manager;
Step 2. If the access requester needs to evaluate the platform integrity of the access controller, the network access requester sends a platform authentication request to the TNC client; if the access controller needs to evaluate the platform integrity of the access requester, the network access controller sends a platform authentication request to the TNC access point;
Step 3. The IMC in the access requester, the TNC client, the IMC in the access controller, the TNC access point, the IMV in the policy manager and the evaluation policy server carry out the platform authentication process. The platform authentication process includes a management method for the platform authentication protocol, which comprises:
Step 3.1. The TNC client, the TNC access point and the evaluation policy server carry out the platform authentication protocol. In this protocol, if the access controller needs to evaluate the platform integrity of the access requester, the TNC access point sends the TNC client the integrity measurement parameters for the access requester and obtains the integrity measurement parameters for the access requester that have actually been measured; if the access requester needs to evaluate the platform integrity of the access controller, the TNC client sends the TNC access point the integrity measurement parameters for the access controller and obtains the integrity measurement parameters for the access controller that have actually been measured;
Step 3.2. The TNC access point verifies whether the integrity measurement parameters for the access requester are identical to the integrity measurement parameters for the access requester that were actually measured, and the TNC client verifies whether the integrity measurement parameters for the access controller are identical to the integrity measurement parameters for the access controller that were actually measured;
If the parameters for the access requester are identical to those actually measured and the parameters for the access controller are identical to those actually measured, the TNC access point generates an action recommendation for the access requester and sends it to the TNC client in the current round of the platform authentication protocol, while the TNC client generates an action recommendation for the access controller and sends it to the TNC access point in the current round;
If the parameters for the access requester are identical to those actually measured but the parameters for the access controller differ from those actually measured, the TNC access point generates an action recommendation for the access requester and sends it to the TNC client in the current round, then takes the difference between the integrity measurement parameters for the access controller in the current round and those actually measured as the integrity measurement parameters for the access controller in the next round, and returns to step 3.1;
If the parameters for the access requester differ from those actually measured but the parameters for the access controller are identical to those actually measured, the TNC client generates an action recommendation for the access controller and sends it to the TNC access point in the current round, takes the difference between the integrity measurement parameters for the access requester in the current round and those actually measured as the integrity measurement parameters for the access requester in the next round, and returns to step 3.1;
If the parameters for the access requester differ from those actually measured and the parameters for the access controller differ from those actually measured, the difference between the integrity measurement parameters for the access requester in the current round and those actually measured is taken as the integrity measurement parameters for the access requester in the next round, the difference between the integrity measurement parameters for the access controller in the current round and those actually measured is taken as the integrity measurement parameters for the access controller in the next round, and the method returns to step 3.1;
Step 4. After the platform authentication process is complete, the TNC client sends the action recommendation for the access controller to the network access requester, and the TNC access point sends the action recommendation for the access requester to the network access controller;
Step 5. If the evaluation policy changes or platform remediation is completed, return to step 3.
The platform authentication process in step 3 above further includes a trusted network connection management method.
When the platform authentication process in step 3 above is the first platform authentication process, the trusted network connection management method comprises the following. When the TNC client receives the integrity measurement parameters for the access requester in the first round of the platform authentication protocol, it locally generates a network connection identifier for its connection with the TNC access point and sets the network connection state of that identifier to "created"; when the integrity handshake between the IMC in the access requester and the IMV in the policy manager begins, it sets the state of that identifier to "integrity handshake". When the TNC access point receives the integrity measurement parameters for the access controller in the first round, it locally generates a network connection identifier for its connection with the TNC client and sets the state of that identifier to "created"; when the integrity handshake between the IMC in the access controller and the IMV in the policy manager begins, it sets the state to "integrity handshake". The TNC client, the TNC access point and the evaluation policy server then run multiple rounds of the platform authentication protocol to complete the integrity handshakes between the IMC in the access requester and the IMV in the policy manager and between the IMC in the access controller and the IMV in the policy manager. When the TNC client receives the action recommendation for the access controller in the platform authentication protocol, it sets the state of the identifier it generated to "action recommendation for the access controller"; when the TNC access point receives the action recommendation for the access requester, it sets the state of the identifier it generated to "action recommendation for the access requester".
When the platform authentication process in step 3 above is not the first platform authentication process, the trusted network connection management method comprises the following. When the TNC client receives the integrity measurement parameters for the access requester in the first round of the platform authentication protocol, it sets the state of the existing network connection identifier to "integrity handshake" when the integrity handshake between the IMC in the access requester and the IMV in the policy manager begins; when the TNC access point receives the integrity measurement parameters for the access controller in the first round, it sets the state of the existing identifier to "integrity handshake" when the integrity handshake between the IMC in the access controller and the IMV in the policy manager begins. The TNC client, the TNC access point and the evaluation policy server then run multiple rounds of the platform authentication protocol to complete the two integrity handshakes. When the TNC client receives the action recommendation for the access controller, it sets the state of the identifier it generated to "action recommendation for the access controller"; when the TNC access point receives the action recommendation for the access requester, it sets the state of the identifier it generated to "action recommendation for the access requester".
The network connection identifiers generated by the TNC client and the TNC access point in step 3 above remain unchanged for the duration of the trusted network connection process; when the access requester and the access controller disconnect, the TNC client and the TNC access point respectively delete the network connection identifiers they generated in step 3.
The platform authentication process in step 3 above includes one or more rounds of the platform authentication protocol.
In step 3 above the evaluation policy server must locally create a session identifier to distinguish each platform authentication process or each round of the platform authentication protocol.
The advantages of the present invention are:
1. The invention favours independent implementation of the evaluation policy server. The TNC client and the TNC access point manage the network connections they each create, and the TNC client and the TNC access point manage the platform authentication process, while the evaluation policy server takes no part in network connection management and only needs to identify each round of the platform authentication protocol or each platform authentication process. This favours independent implementation of the evaluation policy server, for example by a third-party service provider, and so gives good scalability and centralized management;
2. The invention is widely applicable. The platform authentication process of the invention can be completed with one round of the platform authentication protocol or with multiple rounds, meeting the application requirements of different network devices.

Brief Description of the Drawings
Figure 1 is a schematic diagram of the prior-art TCG-TNC architecture;
Figure 2 is a schematic diagram of the prior-art TePA-based TNC architecture;
Figure 3 is a flowchart of the platform authentication management method suitable for the tri-element peer authentication trusted network connection architecture provided by the present invention.

Detailed Description
One trusted network connection process can be completed through multiple platform authentication processes, and one platform authentication process can in turn include one or more rounds of the platform authentication protocol. To manage the platform authentication processes and platform authentication protocols within a trusted network connection process, the present invention provides a platform authentication management method suitable for the tri-element peer authentication trusted network connection architecture. Figure 3 is the flowchart of this method; as shown in Figure 3, the method comprises the following steps:
Step 1. Before the trusted network connection is made, the TNC client discovers, loads and initializes the IMC in the access requester, the TNC access point discovers, loads and initializes the IMC in the access controller, and the evaluation policy server discovers, loads and initializes the IMV in the policy manager;
Step 2. If the access requester needs to evaluate the platform integrity of the access controller, the network access requester sends a platform authentication request to the TNC client; if the access controller needs to evaluate the platform integrity of the access requester, the network access controller sends a platform authentication request to the TNC access point;
Step 3. The IMC in the access requester, the TNC client, the IMC in the access controller, the TNC access point, the IMV in the policy manager and the evaluation policy server carry out the platform authentication process. One platform authentication process may include multiple rounds of the platform authentication protocol; these rounds are managed as follows:
Step 3.1. The TNC client, the TNC access point and the evaluation policy server carry out the platform authentication protocol. In this protocol, if the access controller needs to evaluate the platform integrity of the access requester, the TNC access point first sends the TNC client the integrity measurement parameters for the access requester and then obtains the integrity measurement parameters for the access requester that have actually been measured; if the access requester needs to evaluate the platform integrity of the access controller, the TNC client first sends the TNC access point the integrity measurement parameters for the access controller and then obtains the integrity measurement parameters for the access controller that have actually been measured;
Step 3.2. The TNC access point verifies whether the integrity measurement parameters for the access requester are identical to the integrity measurement parameters for the access requester that were actually measured, and the TNC client verifies whether the integrity measurement parameters for the access controller are identical to the integrity measurement parameters for the access controller that were actually measured;
If the parameters for the access requester are identical to those actually measured and the parameters for the access controller are identical to those actually measured, the TNC access point generates an action recommendation for the access requester and sends it to the TNC client in the current round of the platform authentication protocol, while the TNC client generates an action recommendation for the access controller and sends it to the TNC access point in the current round;
If the parameters for the access requester are identical to those actually measured but the parameters for the access controller differ from those actually measured, the TNC access point generates an action recommendation for the access requester and sends it to the TNC client in the current round, then takes the difference between the integrity measurement parameters for the access controller in the current round and those actually measured as the integrity measurement parameters for the access controller in the next round, and finally returns to step 3.1;
If the parameters for the access requester differ from those actually measured but the parameters for the access controller are identical to those actually measured, the TNC client generates an action recommendation for the access controller and sends it to the TNC access point in the current round, then takes the difference between the integrity measurement parameters for the access requester in the current round and those actually measured as the integrity measurement parameters for the access requester in the next round, and finally returns to step 3.1;
If the parameters for the access requester differ from those actually measured and the parameters for the access controller differ from those actually measured, the difference between the integrity measurement parameters for the access requester in the current round and those actually measured is taken as the integrity measurement parameters for the access requester in the next round, the difference between the integrity measurement parameters for the access controller in the current round and those actually measured is taken as the integrity measurement parameters for the access controller in the next round, and the method returns to step 3.1.
Step 4. After the platform authentication process is complete, the TNC client sends the action recommendation for the access controller to the network access requester, and the TNC access point sends the action recommendation for the access requester to the network access controller;
Step 5. If the evaluation policy changes or platform remediation is completed, return to step 3.
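The round management of steps 3.1 and 3.2, as stated in the Summary and repeated in the Detailed Description above, as an added Python example; this is not code from the patent. Integrity measurement parameters are modelled as sets of component names. The `Platform` model, its per-round measurability schedule, the "allow"/"isolate" rule used for the action recommendation, the session identifier format and the `max_rounds` guard are all assumptions of this example; the patent itself specifies only that the requested and actually-measured parameters are compared and that their difference becomes the next round's parameters.

```python
"""Management of a multi-round platform authentication protocol
(steps 3.1 and 3.2). Added illustration; not code from the patent."""
from dataclasses import dataclass


@dataclass(frozen=True)
class Platform:
    """A measured party: the access requester (AR) or access controller (AC).

    `schedule` lists, per protocol round, which components the platform's
    IMC can actually measure; `good` is the set of components whose
    measured value satisfies the evaluation policy. Both are assumptions
    of this example (the patent only says which parameters were measured)."""
    name: str
    schedule: tuple
    good: frozenset

    def measure(self, params, round_no):
        """Return the subset of `params` actually measured in this round."""
        avail = self.schedule[min(round_no, len(self.schedule) - 1)]
        return frozenset(params) & frozenset(avail)


@dataclass
class RoundRecord:
    """One protocol round as the evaluation policy server sees it: only a
    session identifier plus the parameters requested and measured."""
    session_id: str
    ar_params: frozenset
    ar_measured: frozenset
    ac_params: frozenset
    ac_measured: frozenset


def action_recommendation(platform, measured):
    """Assumed IMV rule over everything measured so far."""
    return "allow" if measured <= platform.good else "isolate"


def run_platform_authentication(ar, ac, ar_params, ac_params, max_rounds=8):
    """Run protocol rounds until both sides hold an action recommendation.

    Per round the TNC access point compares the parameters it requested
    for the AR with those actually measured, and the TNC client does the
    same for the AC. A side whose parameters match gets its recommendation
    in this round; a side whose parameters differ carries the difference
    into the next round. `max_rounds` is an added guard: the patent loops
    until the parameters match, which never happens if some requested
    component can never be measured."""
    ar_params, ac_params = frozenset(ar_params), frozenset(ac_params)
    ar_done, ac_done = frozenset(), frozenset()
    rec_ar = rec_ac = None
    log = []
    for rnd in range(max_rounds):
        session_id = f"eps-session-{rnd}"     # minted by the EPS only
        ar_measured = ar.measure(ar_params, rnd)
        ac_measured = ac.measure(ac_params, rnd)
        log.append(RoundRecord(session_id, ar_params, ar_measured,
                               ac_params, ac_measured))
        if rec_ar is None:                    # TNC access point's check
            ar_done |= ar_measured
            if ar_measured == ar_params:
                rec_ar = action_recommendation(ar, ar_done)
                ar_params = frozenset()       # nothing left to request
            else:
                ar_params = ar_params - ar_measured   # difference -> next round
        if rec_ac is None:                    # TNC client's check
            ac_done |= ac_measured
            if ac_measured == ac_params:
                rec_ac = action_recommendation(ac, ac_done)
                ac_params = frozenset()
            else:
                ac_params = ac_params - ac_measured
        if rec_ar is not None and rec_ac is not None:
            break
    return rec_ar, rec_ac, log


def example_scenario():
    """Constructed sample: the AR's antivirus component only becomes
    measurable in the second round; the AC is fully measurable in the
    first round but runs firmware the policy does not accept."""
    ar = Platform("access requester",
                  schedule=(frozenset({"bios", "kernel"}),
                            frozenset({"bios", "kernel", "av"})),
                  good=frozenset({"bios", "kernel", "av"}))
    ac = Platform("access controller",
                  schedule=(frozenset({"bios", "kernel", "fw"}),),
                  good=frozenset({"bios", "kernel"}))
    return run_platform_authentication(ar, ac, {"bios", "kernel", "av"},
                                       {"bios", "kernel", "fw"})


def stuck_scenario(max_rounds=3):
    """Constructed sample of the failure mode: 'av' is never measurable."""
    ar = Platform("access requester", (frozenset({"bios"}),), frozenset({"bios", "av"}))
    ac = Platform("access controller", (frozenset({"bios"}),), frozenset({"bios"}))
    return run_platform_authentication(ar, ac, {"bios", "av"}, {"bios"}, max_rounds)


if __name__ == "__main__":
    rec_ar, rec_ac, log = example_scenario()
    for record in log:
        print(record)
    print("AR:", rec_ar, " AC:", rec_ac)
```

In the constructed scenario the AC is finished after one round while the AR needs a second round containing only the carried-over parameter, which is the second of the four cases in step 3.2. The guard matters in practice: because the method returns to step 3.1 whenever any parameter remains unmeasured, an IMC that can never measure a requested component would keep the protocol cycling, so a real TNC client or access point needs a round limit or timeout and should treat exhaustion as a failed platform authentication rather than leaving the connection without a recommendation.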
One trusted network connection process may include multiple platform authentication processes; the network connection management method is as follows:
11) If the platform authentication process in step 3 is the first platform authentication process of the above method, then: first, when the TNC client receives the integrity measurement parameters for the access requester in the first round of the platform authentication protocol, it locally generates a network connection identifier for its connection with the TNC access point and sets the network connection state of that identifier to "created", and when the integrity handshake between the IMC in the access requester and the IMV in the policy manager begins, it sets the state of that identifier to "integrity handshake"; when the TNC access point receives the integrity measurement parameters for the access controller in the first round, it locally generates a network connection identifier for its connection with the TNC client and sets the state of that identifier to "created", and when the integrity handshake between the IMC in the access controller and the IMV in the policy manager begins, it sets the state to "integrity handshake". Then the TNC client, the TNC access point and the evaluation policy server run multiple rounds of the platform authentication protocol to complete the integrity handshakes between the IMC in the access requester and the IMV in the policy manager and between the IMC in the access controller and the IMV in the policy manager; when the TNC client receives the action recommendation for the access controller in the platform authentication protocol, it sets the state of the identifier it generated to "action recommendation for the access controller", and when the TNC access point receives the action recommendation for the access requester, it sets the state of the identifier it generated to "action recommendation for the access requester";
12) If the platform authentication process in step 3 is not the first platform authentication process of the above method, then: first, when the TNC client receives the integrity measurement parameters for the access requester in the first round of the platform authentication protocol, it sets the state of its existing network connection identifier to "integrity handshake" when the integrity handshake between the IMC in the access requester and the IMV in the policy manager begins; when the TNC access point receives the integrity measurement parameters for the access controller in the first round, it sets the state of its existing identifier to "integrity handshake" when the integrity handshake between the IMC in the access controller and the IMV in the policy manager begins. Then the TNC client, the TNC access point and the evaluation policy server run multiple rounds of the platform authentication protocol to complete the two integrity handshakes; when the TNC client receives the action recommendation for the access controller, it sets the state of the identifier it generated to "action recommendation for the access controller", and when the TNC access point receives the action recommendation for the access requester, it sets the state of the identifier it generated to "action recommendation for the access requester";
13) In the above method, the network connection management method further includes: the network connection identifiers generated by the TNC client and the TNC access point in 11) remain unchanged for the duration of the trusted network connection process; when the access requester and the access controller disconnect, the TNC client and the TNC access point respectively delete the network connection identifiers they generated in 11).
In the above method, although the evaluation policy server does not take part in network connection management, it must locally create a session identifier to distinguish the platform authentication processes or platform authentication protocol rounds within the trusted network connection process.
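The connection management of items 11) to 13) above, with the evaluation policy server kept out of the connection state as the text requires, as an added Python example that is not part of the patent. The identifier format, the `RuntimeError` raised when a recommendation arrives while no handshake is in progress, and the walk-through scenario are assumptions of this example.

```python
"""Network connection management at the TNC client and TNC access point
(items 11 to 13). Added illustration; not code from the patent."""
import itertools
from enum import Enum


class ConnState(Enum):
    CREATED = "created"
    INTEGRITY_HANDSHAKE = "integrity handshake"
    RECOMMENDATION = "action recommendation"


class TncEndpoint:
    """Either the TNC client or the TNC access point.

    Each endpoint keeps its own locally generated network connection
    identifier per peer. The evaluation policy server holds none of this
    state; it only needs a session identifier per protocol round."""

    def __init__(self, role):
        self.role = role
        self.conn_id = {}          # peer -> identifier (assumed format below)
        self.state = {}            # identifier -> ConnState
        self.history = []          # (identifier, ConnState) transitions
        self._seq = itertools.count(1)

    def start_platform_authentication(self, peer):
        """Called when the integrity measurement parameters of the first
        protocol round arrive. Item 11: on the first process for this peer
        generate the identifier and mark it 'created'. Items 11 and 12:
        mark it 'integrity handshake' when the IMC-IMV handshake begins.
        The identifier never changes for the life of the connection."""
        cid = self.conn_id.get(peer)
        if cid is None:
            cid = f"{self.role}-conn-{next(self._seq)}"
            self.conn_id[peer] = cid
            self._set(cid, ConnState.CREATED)
        self._set(cid, ConnState.INTEGRITY_HANDSHAKE)
        return cid

    def receive_recommendation(self, peer, recommendation):
        """The action recommendation for the peer arrives inside the
        protocol. Added check: only accepted while a handshake is in
        progress on a known connection."""
        cid = self.conn_id.get(peer)
        if cid is None or self.state[cid] is not ConnState.INTEGRITY_HANDSHAKE:
            raise RuntimeError(f"{self.role}: recommendation for {peer} "
                               "with no handshake in progress")
        self._set(cid, ConnState.RECOMMENDATION)
        return cid, recommendation

    def disconnect(self, peer):
        """Item 13: delete the identifier when AR and AC disconnect."""
        cid = self.conn_id.pop(peer)
        del self.state[cid]
        return cid

    def _set(self, cid, new_state):
        self.state[cid] = new_state
        self.history.append((cid, new_state))


def trusted_network_connection():
    """Constructed walk-through: a first platform authentication process,
    a policy change that triggers a second one (step 5), then disconnect."""
    client = TncEndpoint("tnc-client")
    ap = TncEndpoint("tnc-ap")
    # First platform authentication process (item 11).
    c1 = client.start_platform_authentication("ap")
    a1 = ap.start_platform_authentication("client")
    client.receive_recommendation("ap", "allow")       # recommendation for the AC
    ap.receive_recommendation("client", "isolate")     # recommendation for the AR
    # Evaluation policy changed: second process on the same identifiers (item 12).
    c2 = client.start_platform_authentication("ap")
    a2 = ap.start_platform_authentication("client")
    client.receive_recommendation("ap", "allow")
    ap.receive_recommendation("client", "allow")
    assert (c1, a1) == (c2, a2)
    # AR and AC disconnect: identifiers deleted (item 13).
    client.disconnect("ap")
    ap.disconnect("client")
    return client, ap


if __name__ == "__main__":
    client, ap = trusted_network_connection()
    for cid, st in client.history:
        print(cid, st.value)
```

The identifier is generated once per peer and reused by every later platform authentication process, which is what lets a policy change or completed remediation (step 5) re-run step 3 without renegotiating the connection. Rejecting a recommendation that arrives while no handshake is in progress is an added check: an endpoint that accepted one would let a stale or injected recommendation overwrite the state of a connection it had not just re-evaluated.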
Those of ordinary skill in the art will understand that all or part of the steps of the above method embodiment can be performed by hardware under the control of program instructions; the program may be stored in a computer-readable storage medium and, when executed, performs the steps of the above method embodiment. The storage medium includes ROM, RAM, magnetic disks, optical discs and other media capable of storing program code.
Finally, it should be noted that the above embodiments serve only to illustrate the technical solution of the present invention and not to limit it. Although the invention has been described in detail with reference to the foregoing embodiments, those of ordinary skill in the art should understand that the technical solutions recorded in the foregoing embodiments may still be modified, or some of their technical features replaced by equivalents, and that such modifications or replacements do not cause the essence of the corresponding technical solution to depart from the spirit and scope of the technical solutions of the embodiments of the present invention.

Claims
1. A platform authentication management method suitable for the tri-element peer authentication trusted network connection architecture, characterized in that the method comprises the following steps:
Step 1. Before the trusted network connection is made, the trusted network connection (TNC) client discovers, loads and initializes the integrity measurement collector (IMC) in the access requester, the TNC access point discovers, loads and initializes the IMC in the access controller, and the evaluation policy server discovers, loads and initializes the integrity measurement verifier (IMV) in the policy manager;
Step 2. If the access requester needs to evaluate the platform integrity of the access controller, the network access requester sends a platform authentication request to the TNC client; if the access controller needs to evaluate the platform integrity of the access requester, the network access controller sends a platform authentication request to the TNC access point;
Step 3. The IMC in the access requester, the TNC client, the IMC in the access controller, the TNC access point, the IMV in the policy manager and the evaluation policy server carry out the platform authentication process, the platform authentication process including a management method for the platform authentication protocol, which comprises:
Step 3.1. The TNC client, the TNC access point and the evaluation policy server carry out the platform authentication protocol. In this protocol, if the access controller needs to evaluate the platform integrity of the access requester, the TNC access point sends the TNC client the integrity measurement parameters for the access requester and obtains the integrity measurement parameters for the access requester that have actually been measured; if the access requester needs to evaluate the platform integrity of the access controller, the TNC client sends the TNC access point the integrity measurement parameters for the access controller and obtains the integrity measurement parameters for the access controller that have actually been measured;
Step 3.2. The TNC access point verifies whether the integrity measurement parameters for the access requester are identical to the integrity measurement parameters for the access requester that were actually measured, and the TNC client verifies whether the integrity measurement parameters for the access controller are identical to the integrity measurement parameters for the access controller that were actually measured;
If the parameters for the access requester are identical to those actually measured and the parameters for the access controller are identical to those actually measured, the TNC access point generates an action recommendation for the access requester and sends it to the TNC client in the current round of the platform authentication protocol, while the TNC client generates an action recommendation for the access controller and sends it to the TNC access point in the current round;
If the parameters for the access requester are identical to those actually measured but the parameters for the access controller differ from those actually measured, the TNC access point generates an action recommendation for the access requester and sends it to the TNC client in the current round, then takes the difference between the integrity measurement parameters for the access controller in the current round and those actually measured as the integrity measurement parameters for the access controller in the next round, and returns to step 3.1;
If the parameters for the access requester differ from those actually measured but the parameters for the access controller are identical to those actually measured, the TNC client generates an action recommendation for the access controller and sends it to the TNC access point in the current round, takes the difference between the integrity measurement parameters for the access requester in the current round and those actually measured as the integrity measurement parameters for the access requester in the next round, and returns to step 3.1;
If the parameters for the access requester differ from those actually measured and the parameters for the access controller differ from those actually measured, the difference between the integrity measurement parameters for the access requester in the current round and those actually measured is taken as the integrity measurement parameters for the access requester in the next round, the difference between the integrity measurement parameters for the access controller in the current round and those actually measured is taken as the integrity measurement parameters for the access controller in the next round, and the method returns to step 3.1;
Step 4. After the platform authentication process is complete, the TNC client sends the action recommendation for the access controller to the network access requester, and the TNC access point sends the action recommendation for the access requester to the network access controller;
Step 5. If the evaluation policy changes or platform remediation is completed, return to step 3.
2. The platform authentication management method suitable for the tri-element peer authentication trusted network connection architecture according to claim 1, characterized in that the platform authentication process in step 3 further includes a trusted network connection management method.
3. The platform authentication management method suitable for the tri-element peer authentication trusted network connection architecture according to claim 2, characterized in that, when the platform authentication process in step 3 is the first platform authentication process, the trusted network connection management method comprises: when the TNC client receives the integrity measurement parameters for the access requester in the first round of the platform authentication protocol, it locally generates a network connection identifier for its connection with the TNC access point and sets the network connection state of that identifier to "created", and when the integrity handshake between the IMC in the access requester and the IMV in the policy manager begins, it sets the state of that identifier to "integrity handshake"; when the TNC access point receives the integrity measurement parameters for the access controller in the first round, it locally generates a network connection identifier for its connection with the TNC client and sets the state of that identifier to "created", and when the integrity handshake between the IMC in the access controller and the IMV in the policy manager begins, it sets the state to "integrity handshake"; the TNC client, the TNC access point and the evaluation policy server run multiple rounds of the platform authentication protocol to complete the integrity handshakes between the IMC in the access requester and the IMV in the policy manager and between the IMC in the access controller and the IMV in the policy manager; when the TNC client receives the action recommendation for the access controller in the platform authentication protocol, it sets the state of the identifier it generated to "action recommendation for the access controller", and when the TNC access point receives the action recommendation for the access requester, it sets the state of the identifier it generated to "action recommendation for the access requester".
4. The platform authentication management method suitable for the tri-element peer authentication trusted network connection architecture according to claim 2, characterized in that, when the platform authentication process in step 3 is not the first platform authentication process, the trusted network connection management method comprises: when the TNC client receives the integrity measurement parameters for the access requester in the first round of the platform authentication protocol, it sets the state of the network connection identifier to "integrity handshake" when the integrity handshake between the IMC in the access requester and the IMV in the policy manager begins; when the TNC access point receives the integrity measurement parameters for the access controller in the first round, it sets the state of the network connection identifier to "integrity handshake" when the integrity handshake between the IMC in the access controller and the IMV in the policy manager begins; the TNC client, the TNC access point and the evaluation policy server run multiple rounds of the platform authentication protocol to complete the integrity handshakes between the IMC in the access requester and the IMV in the policy manager and between the IMC in the access controller and the IMV in the policy manager; when the TNC client receives the action recommendation for the access controller in the platform authentication protocol, it sets the state of the identifier it generated to "action recommendation for the access controller", and when the TNC access point receives the action recommendation for the access requester, it sets the state of the identifier it generated to "action recommendation for the access requester".
5. The platform authentication management method suitable for the tri-element peer authentication trusted network connection architecture according to claim 3, characterized in that the network connection identifiers generated by the TNC client and the TNC access point in step 3 remain unchanged for the duration of the trusted network connection process, and when the access requester and the access controller disconnect, the TNC client and the TNC access point respectively delete the network connection identifiers they generated in step 3.
6. The platform authentication management method suitable for the tri-element peer authentication trusted network connection architecture according to any one of claims 1 to 5, characterized in that the platform authentication process in step 3 includes one or more rounds of the platform authentication protocol.
7. The platform authentication management method suitable for the tri-element peer authentication trusted network connection architecture according to any one of claims 1 to 6, characterized in that in step 3 the evaluation policy server must locally create a session identifier to distinguish each platform authentication process or each round of the platform authentication protocol.
PCT/CN2009/075644 2009-04-21 2009-12-16 Platform authentication management method suitable for tri-element peer authentication trusted network connection architecture WO2010121474A1 (zh)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN200910022118.3 2009-04-21
CN2009100221183A CN101527636B (zh) 2009-04-21 2009-04-21 Platform authentication management method suitable for tri-element peer authentication trusted network connection architecture

Publications (1)

Publication Number Publication Date
WO2010121474A1 (zh) 2010-10-28

Family

ID=41095345

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2009/075644 WO2010121474A1 (zh) 2009-04-21 2009-12-16 Platform authentication management method suitable for tri-element peer authentication trusted network connection architecture

Country Status (2)

Country Link
CN (1) CN101527636B (zh)
WO (1) WO2010121474A1 (zh)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR101488627B1 (ko) 2010-07-30 2015-01-30 China IWNCOMM Co., Ltd. Platform authentication policy management method and apparatus applicable to a trusted connection architecture
CN113407947A (zh) * 2021-06-23 2021-09-17 航天科工智能运筹与信息安全研究院(武汉)有限公司 Trusted connection verification method for mobile terminal users in a cloud environment

Families Citing this family (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101527636B (zh) * 2009-04-21 2011-02-16 西安西电捷通无线网络通信股份有限公司 Platform authentication management method suitable for tri-element peer authentication trusted network connection architecture
CN102045355B (zh) * 2010-12-20 2013-01-16 西安西电捷通无线网络通信股份有限公司 Platform authentication implementation method suitable for TCG trusted network connection architecture
CN102065086B (zh) * 2010-12-20 2013-01-16 西安西电捷通无线网络通信股份有限公司 Platform authentication process management method suitable for trusted connection architecture

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20060174322A1 (en) * 2005-01-29 2006-08-03 Cisco Technology, Inc Techniques for presenting network identities at a human interface
CN101242266A (zh) * 2007-08-01 2008-08-13 西安西电捷通无线网络通信有限公司 Trusted network connection method based on tri-element peer authentication
CN101378318A (zh) * 2008-10-08 2009-03-04 南京邮电大学 Identity authentication method based on a dynamic trusted third party in open networks
CN101527636A (zh) * 2009-04-21 2009-09-09 西安西电捷通无线网络通信有限公司 Platform authentication management method suitable for tri-element peer authentication trusted network connection architecture



Also Published As

Publication number Publication date
CN101527636B (zh) 2011-02-16
CN101527636A (zh) 2009-09-09

Similar Documents

Publication Publication Date Title
RU2445695C2 Trusted network access control system based on tri-element peer authentication
RU2444156C1 Method for controlling access to a secure network based on tri-element peer authentication
WO2012013011A1 (zh) Platform authentication policy management method and device suitable for trusted connection architecture
US8255977B2 Trusted network connect method based on tri-element peer authentication
US8191113B2 Trusted network connect system based on tri-element peer authentication
WO2010124504A1 (zh) Platform authentication method suitable for TePA-based trusted network connection architecture
US7886335B1 Reconciliation of multiple sets of network access control policies
WO2010066169A1 (zh) Implementation method of trusted network connection based on tri-element peer authentication
US8336081B2 Trusted network connect system for enhancing the security
RU2437230C2 Trusted network connection method for enhancing security
US20120240211A1 Policy-based authentication
US20110238996A1 Trusted network connect handshake method based on tri-element peer authentication
US20220123950A1 Multi-party cloud authenticator
WO2010020187A1 (zh) Trusted network management method based on tri-element peer authentication trusted network connection
WO2010121474A1 (zh) Platform authentication management method suitable for tri-element peer authentication trusted network connection architecture
WO2011109959A1 (zh) Platform authentication implementation method and system suitable for trusted connection architecture
WO2010118613A1 (zh) Implementation method of tri-element peer authentication trusted network connection architecture
CN103780395B (zh) Method and system for bidirectional measurement of network access proof
JP5614500B2 (ja) Delegated authentication method
Liu et al. A trusted access method in software-defined network
CN116015977B (zh) Network access control method and system for Internet of Things devices
WO2011069355A1 (zh) Network transmission method suitable for tri-element peer authentication trusted network connection architecture
WO2012083667A1 (zh) Platform authentication process management method and apparatus suitable for trusted connection architecture
WO2012083722A1 (zh) Trusted network connection architecture platform authentication implementation method, client and server
CN117560134A (zh) Blockchain-based distributed trusted network access method

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application
Ref document number: 09843578; Country of ref document: EP; Kind code of ref document: A1
NENP Non-entry into the national phase
Ref country code: DE
122 Ep: pct application non-entry in european phase
Ref document number: 09843578; Country of ref document: EP; Kind code of ref document: A1