摘要
针对可信计算平台终端在网络连接认证时存在的安全隐患,提出一个基于可信网络连接框架的网络终端认证模型TNTAM。该模型通过加入身份认证系统模块、信息访问鉴别模块IADM和引入策略管理器来加强终端认证的安全性,实现了用户、改进的认证智能卡以及可信终端三者间的相互认证,并确保了可信终端请求网络服务的可信性和通信安全。对TNTAM模型的具体应用流程进行了设计。最后对比分析表明,该模型减小了可信终端在网络认证时存在的安全隐患并为加强终端认证安全提供了一种思路。
Aiming at the potential safety hazard existed in network access authentication of the terminal of trusted computational platform,we proposed a TNC frame-based network terminal authentication model TNTAM. The model enhances the security of terminal authentication by adding the identification system module,information access and differentiation module IADM and introducing policy manager,and achieves the mutual authentication between the user,the improved smart authentication card and the trusted terminal,as well as ensures the creditability and communication safety of the trusted terminal when requesting network services. Besides,we designed the specific application procedures of TNTAM. Final comparative analysis indicated that the TNTAM diminished the potential safety hazard of the trusted terminal in network authentication,and it also provided a thought to enhancing the security of terminal authentication.
出处
《计算机应用与软件》
CSCD
2015年第12期321-325,共5页
Computer Applications and Software
关键词
可信终端
智能卡
可信网络连接
终端认证模型
应用流程
Trusted terminal
Smart card
Trusted network connection(TNC)
Terminal authentication model
Application procedure
