
Research Of The Key Techniques In Trusted Network Access Control

Posted on: 2013-06-20    Degree: Doctor    Type: Dissertation
Country: China    Candidate: K Wu    Full Text: PDF
GTID: 1228330374499637    Subject: Computer Science and Technology
Abstract/Summary:
At present, network security matters more every day, yet new security problems keep emerging. The Trusted Network Connect (TNC) work group of the Trusted Computing Group (TCG) proposes a layered, scalable architecture that controls how endpoints are admitted to a trusted computing platform, so that message passing and resource sharing happen in a secure and effective manner. With the rapid development of trusted network platforms, the number and scale of application systems connecting into the trusted computing environment keep growing, the running state of the network changes constantly, and security threats arising from emergencies, attacks, bugs and disasters are rising sharply. The security, survivability and availability of the network therefore face severe challenges. Although the TNC work group has produced a secure and reliable framework at the network admission level, it gives no further solution at the user authentication level, the system authorization level or the network situational awareness level.

To address these problems, this thesis plans a general architecture of trusted network access control that divides access control into several levels (network level, user level and system level), designs the key security mechanism of each level in detail, and, using network situational awareness methods, evaluates and forecasts the overall security situation of the trusted network, forming a complete security access defense architecture. The main research work and contributions are:

1. General architecture: the trusted network access control architecture. By analysing the problems of current trusted network access control architectures, TNACA, based on TNC, is presented. TNACA integrates three levels of access control: checking the integrity of the endpoint at the entrance to the network; authenticating the identity of the user at the entrance to user access; and evaluating trust and authorizing usage at the entrance to system resources. TNACA also evaluates the network security situation and forecasts its trend, so that the whole network is protected effectively. For the security of data in transit and in storage, cryptography (e.g. RSA, SSL) is used to encrypt and sign important information and messages.

2. Network level access control: clientless endpoint admission and FTNC. Many "clientless endpoints" and legacy devices in today's networks cannot support or run a functional TNC client that performs integrity checking. For these, a clientless endpoint admission model (CEAM) is proposed. It uses a subset of the standardized TNC components to give clientless endpoints a degree of security measurement: according to the different identity credentials that can be extracted from a clientless endpoint, five mechanisms let the TNC entities carry out security policy assessment and decide whether the endpoint may connect to the network, and after connection its security status is monitored in real time so that its connection can be updated dynamically. For trusted network interconnection across different security domains, the communication mode and authentication mechanism of the FTNC scheme are improved and its certificate application and services are extended, giving an FTNC model based on security certificates that handles information exchange and service access across security domains and realizes mutual trust among entities in different networks. In this model a trusted third-party security certificate authority issues security certificates that verify and store each endpoint's SPI; services in other security domains query and check the validity of these certificates to decide whether the endpoint is permitted to access them. The model effectively limits the connection of malicious or illegal endpoints and strengthens the network's security defense.

3. User level access control: unified authentication supporting multiple authentication modes. TNC does not say how user accounts should be managed and used uniformly in the authorized security context, and existing identity authentication schemes do not support the TNC environment. By improving existing SSO schemes, adding the TNC entities to them, combining them with current public key cryptography and improving the pseudo-random generation algorithm, a unified authentication model is put forward that supports multiple authentication modes based respectively on ECC and CPK, IBE, and SCPK. The model authenticates users by loading different authentication plugins into the TNC entities, which communicate with the corresponding authentication servers. On the basis of the users' verified identities, a lightweight encryption system implements four management mechanisms: identity management, key management, application management and domain management. SSO, including SSO across domains, is then realized.

4. System level access control: usage authorization based on trust management. In heterogeneous, open networks the network circumstances are fuzzy, user behaviour is random, historical experience is subjective, interactions are complex and defaults occur with some probability. By improving existing experience- and probability-based trust management and analysing context parameters and status, a usage authorization model based on trust management (covering trust evaluation, the cloud model and trust timeliness) is put forward. The model analyses multiple trust characteristics and security threats of a user's access together; a weights analysis method and the cloud model are used to derive the Security Level of the access, and access roles and permissions are assigned to the user according to that level. In particular, the policy decision factors also constrain the session time. To keep the security status fresh, a trust timeliness mechanism periodically triggers re-assessment of the Security Level and updates the authorization dynamically, so that legitimate behaviour proceeds normally while malicious access is blocked promptly and effectively.

5. Network situational awareness: evaluation and forecast of the trusted network security situation. To address monitoring, audit and network management in the trusted network, a hierarchical network security situational awareness model is introduced on the basis of the CSA research framework, using multi-source information with both certain and uncertain characteristics, improving existing data fusion techniques and applying time series analysis. First, a rule-base audit method extracts security situational indexes from network connection information, system management information, system monitoring information and application service information. Second, existing data fusion techniques are improved: on one hand, the EM method is improved and combined with the AHP method to derive the index weights used by the SPA method; on the other hand, the fusion of conflicting information under D-S evidence theory is improved. The improved SPA method and the improved D-S method are then used to fuse these indexes. Third, the value of the network security situation is evaluated with the weights analysis approach and the network security situation graph is drawn. Finally, from the evaluation result, the Box-Jenkins and Holt-Winters models are selected to forecast the security trend of the trusted network. The real-time, quantitative mechanism of this model helps the administrator perceive and understand the overall network security situation, find network security risks in time, and adjust security policies and take protective or emergency measures rapidly and accurately.

TNACA has been verified in practice and applied in a national defense basic scientific research project. The test results show that TNACA can admit all kinds of endpoints to the trusted network in a controlled, secure and flexible manner, achieves unified authentication and usage authorization, reflects the current network security situation and its trend, and provides better security, integrity, availability, applicability and scalability.
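The fusion step in item 5 above combines per-source security indexes under D-S evidence theory and notes that the handling of conflicting evidence has to be improved. The following is an added example, not code from the thesis: it implements the standard Dempster rule over constructed mass functions from three information sources (the frame {normal, suspicious, attack}, the source names and their masses are all assumed for illustration), reports the conflict coefficient K, and reproduces Zadeh's high-conflict case, in which raw Dempster combination assigns all mass to a hypothesis that neither source actually supported. Murphy's averaging rule is included as one well-known remedy; it stands in for, and is not, the thesis's own improved D-S method.

```python
"""Dempster-Shafer fusion of security-situation indexes (added example)."""
from itertools import product

# Frame of discernment for one situational index (constructed for this example).
NORMAL, SUSPICIOUS, ATTACK = "normal", "suspicious", "attack"
THETA = frozenset({NORMAL, SUSPICIOUS, ATTACK})


def bpa(assignment):
    """Validate a basic probability assignment {subset-of-THETA: mass}."""
    m = {frozenset(k): float(v) for k, v in assignment.items()}
    if any(not (a and a <= THETA) for a in m) or abs(sum(m.values()) - 1.0) > 1e-9:
        raise ValueError("masses must sit on non-empty subsets of THETA and sum to 1")
    return m


def dempster_combine(m1, m2):
    """Dempster's rule: m(A) = sum_{B&C=A} m1(B)m2(C) / (1-K).

    Returns (fused mass function, conflict coefficient K); K is the total mass
    landing on contradictory pairs (B & C empty).
    """
    conflict, fused = 0.0, {}
    for (b, mb), (c, mc) in product(m1.items(), m2.items()):
        a = b & c
        if a:
            fused[a] = fused.get(a, 0.0) + mb * mc
        else:
            conflict += mb * mc
    if 1.0 - conflict < 1e-12:
        raise ValueError("sources are in total conflict; Dempster's rule is undefined")
    return {a: v / (1.0 - conflict) for a, v in fused.items()}, conflict


def fuse_all(masses):
    """Fold Dempster's rule over several sources; also return the largest K seen,
    which an operator can use as a signal to distrust the fused index."""
    result, worst = masses[0], 0.0
    for m in masses[1:]:
        result, k = dempster_combine(result, m)
        worst = max(worst, k)
    return result, worst


def belief(m, hypothesis):
    """Bel(A): mass that definitely supports A (all subsets of A)."""
    h = frozenset(hypothesis)
    return sum(v for a, v in m.items() if a <= h)


def plausibility(m, hypothesis):
    """Pl(A): mass that does not contradict A (all sets intersecting A)."""
    h = frozenset(hypothesis)
    return sum(v for a, v in m.items() if a & h)


def murphy_combine(masses):
    """Murphy's rule (assumed remedy, not the thesis's method): average the mass
    functions, then combine the average with itself n-1 times."""
    n, avg = len(masses), {}
    for m in masses:
        for a, v in m.items():
            avg[a] = avg.get(a, 0.0) + v / n
    result = avg
    for _ in range(n - 1):
        result, _k = dempster_combine(result, avg)
    return result


# Constructed index readings: mass on {attack}, {normal}/{suspicious}, and THETA (ignorance).
SOURCES = {
    "connection_audit": bpa({(ATTACK,): 0.6, (NORMAL,): 0.1, THETA: 0.3}),
    "system_monitor":   bpa({(ATTACK,): 0.5, (NORMAL,): 0.2, THETA: 0.3}),
    "app_service":      bpa({(ATTACK,): 0.2, (SUSPICIOUS,): 0.3, THETA: 0.5}),
}

# Zadeh's counter-example: two confident sources that flatly contradict each other.
ZADEH = [
    bpa({(ATTACK,): 0.99, (SUSPICIOUS,): 0.01}),
    bpa({(NORMAL,): 0.99, (SUSPICIOUS,): 0.01}),
]

if __name__ == "__main__":
    fused, worst_k = fuse_all(list(SOURCES.values()))
    for a, v in sorted(fused.items(), key=lambda kv: -kv[1]):
        print(f"m({'+'.join(sorted(a))}) = {v:.3f}")
    print(f"Bel(attack)={belief(fused, [ATTACK]):.3f}  "
          f"Pl(attack)={plausibility(fused, [ATTACK]):.3f}  max K={worst_k:.2f}")
    d, k = dempster_combine(*ZADEH)
    print(f"Zadeh, Dempster: m(suspicious)={d[frozenset([SUSPICIOUS])]:.3f}  K={k:.4f}")
    print(f"Zadeh, Murphy:   m(attack)={murphy_combine(ZADEH)[frozenset([ATTACK])]:.3f}")
```

The [Bel, Pl] interval is what a situation evaluator should carry forward rather than a single number: the gap between the two is the remaining ignorance. The Zadeh run shows why a raw Dempster combination is unsafe as the fusion step of a security dashboard: with K near 1, the rule renormalizes a tiny shared mass on "suspicious" into certainty, while the averaging remedy keeps the disagreement visible.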
Keywords/Search Tags: network security, trusted network connect, access control, unified authentication, usage authorization, network situational awareness