摘要
可信网络连接(TNC)被认为是可信的网络体系结构的重要部分,随着TNC研究和应用的不断深入,TNC架构自身的安全性问题变得更加至关重要.文中重点研究TNC协议架构的安全性问题,首先提出了一种针对TNC协议的基于半马尔可夫过程的安全性量化分析方法;其次针对TNC完整性验证和访问授权过程中存在的安全威胁和漏洞,提出了一套安全性增强机制,并通过安全量化分析方法进行了验证.最后利用IntelIXP2400网络处理器搭建了TNC原型系统,为文中提出的改进机制和系统框架提供了安全量化验证的实际平台.
Trusted Network Connect (TNC) is considered as an important part of trusted network architecture, and with its deeper research and application development, whether it is enough trustworthy during TNC platform authentication and access control becomes a key problem. In the paper, we mainly focus on the trustworthy problem of TNC. First, we proposed a novel security quantifying method which is based on semi-Markov processes. And then, according to the potential threat and security holes during typical message flow and access authorization process in TNC specification, we proposed a set of trustworthy enhanced mechanisms, which is verified by our security quantifying method. Finally a TNC prototype system framework based on IXP2400 network processor is built to be a performance evaluation and trustworthy verification platform.
出处
《计算机学报》
EI
CSCD
北大核心
2009年第5期887-898,共12页
Chinese Journal of Computers
基金
国家自然科学基金(90718040
60673187
60673054
60673160
60803123)资助~~
关键词
可信网络连接
随机模型
认证性
机密性
完整性
trusted network connect
stochastic model
authenticity
integrity
confidentiality