可信网络连接安全协议与访问控制体系设计

Design of Trusted Network Connection Security Protocol and Access Control Architecture

下载PDF

导出

摘要针对现阶段可信网络在连接与控制方面存在问题,分析现有可信网络实体功能、结构层次和接口协议,提出包含完整度量收集器在内的全新可信网络连接体系架构,重新设计以EAP-TNC数据包为核心的安全网络协议及访问控制体系。通过设置网络带宽、终端状态和可信等级等多项指标,对体系访问控制和连接性能进行实验测试。结论表明,可信网络连接安全协议和访问控制体系可使终端以安全可控的方式访问网络,具备良好的安全性和可用性。 In order to solve the connection and control problems of trusted network, the entity function, architecture and interface protocol of trusted network are analyzed,a new trusted network connection architecture,including the integrity measurement collector,is proposed,the security network protocol and access control architecture based on EAP-TNC data packet are designed.By setting specifi- cations such as network bandwidth, terminal state and reliability level, the performance of the basic connection and access control is test- ed.The result shows that based on the connection security protocol and access control architecture of trusted network, the terminal equipment can access the network in a secure and controllable way,and the security and availability are improved.

作者王明书

机构地区总参通信工程设计研究院

出处《无线电通信技术》 2016年第5期14-17,共4页 Radio Communications Technology

关键词可信网络连接体系安全协议访问控制 trusted network connection architecture security protocol access control

分类号 TP393.08 [自动化与计算机技术—计算机应用技术]

引文网络
相关文献

参考文献12

1Robert D D.Optical Network Management and Control[J].Proceedings of the IEEE,2012,100(5):132-159.
2Trusted Computing Group.TCG Trusted Network Connect TNC Architecture for Inter operability[EB/OL].http:∥www.trusted computinggroup.org,2012.
3LIANG Zhi-gang,CHEN Yu-hai.The Design and Implementation of Single Sign-on based on Hybrid Architecture[J].Journal of Networks,2012(1):178-186.
4Rexford J,Dovrolis C.Future Internet Architecture:Cleanslate Versus Evolutionary Research[J].Communications of the ACM,2010,53(9):19-23.
5MA Jian-feng,MA Zhuo,WANG Chang-guang,et al.Architecture of Trusted Network Connect[J].Security Access in Wireless Local Area Networks,2009:411-433.
6Martinez-Garcia A,Moreno-Conde A,Jodar-Sanchez F,et al.Sharing Clinical Decisions for Multimorbidity Case Management Using Social Network and Open-Source Tools[J].J Biomed Inform,2013,46(6):978-982.
7Poritz J,Schunter M,Van H E,et al.Property AttestationScalable and Privacy-Friendly Security Assessment of Peer Computers[R].Technical Report RZ3548,2004.
8Chen L,Landfermann R,Loehr H,et al.A Protocol for Property-Based Attestation.Proceedings of the First ACM Workshop On Scalable Trusted Computing[M].USA:ACM Press,2006:7-15.
9Yu R W,Wang L N.Behavior-based Attestation of Policy Enforcement among Trusted Virtual Domains[J].Journal of Networks,2010,6(5):643-649.
10Ulrich G,Benjamin J,Dennis L.Mutual Remote Attestation:Enabling System Cloning for TPM based Platforms[J].Security and Trust Management Lecture Notes in Computer Science,2012:193-203.

1谷惠敏.可信网络连接安全管理与架构设计研究[J].商丘职业技术学院学报,2017,16(2):95-97.
2钱双艳.WEB应用技术在云计算中的应用研究[J].硅谷,2014,7(12):43-43.
3刘慧琳.EAP-TNC协议分析及应用[J].四川教育学院学报,2010,26(11):114-116.
4谢四江,査雅行,池亚平.一种基于可信等级的安全互操作模型[J].计算机应用研究,2012,29(5):1922-1925. 被引量：8
5邓绯.基于模糊综合评判的软件可信度量和评价方法研究[J].四川职业技术学院学报,2012,22(3):147-149.
6马莉,陈凯.一种基于区分服务的VoIP访问控制体系[J].信息安全与通信保密,2005,27(11):90-92.
7邓文莲.访问控制体系在云计算平台中的应用[J].科技通报,2012,28(12):214-216.
8姜大庆.建立一个安全的校园网访问控制体系[J].计算机安全,2002(15):41-43. 被引量：2
9张庆平,郑辉,涂莑生,孙慰迟.Web Service认证体系的分析与实现[J].计算机应用,2003,23(4):56-59. 被引量：5
10陈溪.电力设计院信息系统认证与访问控制策略研究[J].中国商界,2009,0(6X):203-204.

无线电通信技术

2016年第5期

浏览历史

内容加载中请稍等...

可信网络连接安全协议与访问控制体系设计

参考文献12

相关作者

相关机构

相关主题

浏览历史