| With the accelerate implementation of information and the rapid development of e-commerce and e-government, the network security is of great significance. Now people are more concerned about how to ensure working at a trusted network environment. In view of the existing network problems, the concept of trusted networks is put forward by scholars, and trusted network is becoming the focus in current academic areas.A trusted network connect system is designed and implemented based on analysis and research on Trusted Network Connection(TNC) and remote attestation mechanism. The system is implemented using the TNC@FHH framework according to the trusted network connection specification of Trusted Computing Group(TCG). The design and implementation of the Integrity Measurement Collector(IMC),Integrity Measurement Verifier(IMV), Platform Trust Service(PTS) and Policy Server in the system is discussed in this paper.IMC/IMV is designed and implemented based on platform integrity, Trojan and virus, and IMC/IMV is provided to TNC@FHH framework as dynamic link library. The remote attestation message between IMC and IMV is formatted by XML file. The measure of PTS is added at the system start, and the integrity of client components in trusted network connect is measured by PTS, and then the trust chain extends to the boundary of local access network. The platform integrity information is collected by PTS, and the information is sent to IMV by IMC, then the information is verified by IMV. Thus, the trust chain extends to network. In finally, the validation idea is proposed as validation policy based on the strategic combinations, and the validation policy varies with the network protection resources. |
PDF Full Text Request