
Research On Key Technologies Of Trusted Network Access Based On User Behavior

Posted on: 2019-04-08
Degree: Doctor
Type: Dissertation
Country: China
Candidate: J X Zhuang
GTID: 1368330593950170
Subject: Computer application technology
Abstract/Summary:
With the continuous development of information technology, and especially the popularity of Internet applications, Internet-based applications have become the mainstream. A variety of threats to network security and origin trustworthiness need to be solved urgently. To meet these network security requirements, the architecture of a trusted network must first be constructed, and the paper proposes an access-behavior-evaluation-supported trusted network connection architecture. Second, the key technologies of the trusted network must support that architecture. Combining the idea of active defense with trusted computing 3.0, the paper studies user identity authentication, terminal integrity measurement, user access-behavior evaluation, user behavior measurement, remote attestation based on user behavior, and other key technologies. The paper carries out trusted measurement of the user's identity, status and behavior from multiple angles, so that the security risks faced by the trusted network can be solved fundamentally. The paper mainly studies the following aspects:

1. Based on the current research status of trusted network connection architectures, the paper analyzes the inadequacies of existing architectures such as TCA, NAC, NAP and TNC. Following the idea of the "three entities and three levels" peer-to-peer trusted connection architecture and trusted computing 3.0, the paper extends the TCA network connection architecture. Taking the user's access behavior as a necessary condition for trusted network connection, the paper proposes and implements the access-behavior-evaluation-supported trusted network connection architecture, and gives in detail the implementation method for trusted evaluation of access behavior and the process of trusted network connection. Under this architecture, the user's access behavior must still be evaluated after the user and the platform integrity have both been authenticated, and only users who pass the access-behavior evaluation are allowed to connect to the trusted network.

2. For different network application scenarios, the paper proposes two authentication schemes: a non-anonymous identity authentication scheme based on user ID and an anonymous identity authentication scheme based on ring signature. Combined with the trusted network connection architecture, these schemes solve the authentication of network users. In practice, a user's identity needs to be traceable in some application scenarios and must not be exposed in others, so the two different authentication schemes are both necessary and important. The non-anonymous identity authentication scheme is based on the new public key cryptography and avoids the revocation of public key certificates and the key management problem, so it is more efficient and easy to implement. The anonymous authentication scheme based on ring signature introduces a ring manager that only authenticates the members and has no permission to open the signature, so it can ensure anonymity and security; security analysis and verification show that it meets correctness, anonymity and signature unforgeability.

3. Because of the inadequacies of current user network behavior measurement models, the paper proposes a user behavior measurement model based on implicit feedback control, which measures the user state and behavior in the trusted network and implements feedback control based on the usage control model and the idea of implicit feedback. The paper proposes a behavior-based usage control model, a method of constructing the normal behavior library based on implicit feedback, and a user behavior measurement method; together these implement feedback control of users according to the user status, the behavior measurement results and the normal behavior library.

4. Based on the research status of remote attestation based on user behavior measurement in trusted networks, the paper proposes a push mechanism of behavior prediction based on remote attestation. The mechanism achieves trusted attestation of user behavior by comparing the predictable behavior generated by the client with the actual behavior generated by the server. With the "push mechanism" approach, users have greater initiative with respect to the network security policy after accessing the network. The scheme can effectively prevent malicious users in the trusted network from cheating. Through its more complete security mechanism and its intelligent confirmation mechanism, the scheme can also effectively avoid misjudging users' normal behavior because of inaccurate and incomplete behavior measurement.
Keywords/Search Tags: Trusted Network Connection, Identity Authentication, Behavior Measurement, Feedback Control, Remote Attestation