| With the computer and the rapid development of communication technology, the network is getting large-scale and highly distributed while the computer system and network intrusion behaviors are undergoing developments toward the large-scale, distributed and complex direction. Although a variety of network security technology have emerged, such as firewall, intrusion detection, intrusion prevention technology, and scanning, detecting or alarming of the insecurity for the whole network system etc. Those techniques are merely confined to one aspect of safety data collection and processing and cannot accurately monitor the global security of network. Meanwhile, the traditional network security technologies only can block the unauthorized or the illegal users access at the periphery without control of the visitors' terminal, leading to the network security protection only from the external of the network so that the protections seem to be powerless for viruses within the network internal terminal, Trojan attacks and the illegal operations by authorized users. Therefore, it is becoming the focus to build a safe, viable, controllable and reliable network. What's more, construction of the trusted network is relying on the development of the trusted computing technology.Trusted Computing as one of the hottest issues in the field of information security is directly related to the normal operation and interaction with software or system. With the increasingly in-depth study in Trusted Computing, a great deal of achievements has been obtained. The research focus is mainly on hardware; however, the software is comparatively small, particularly the theoretical methods and models in software reliability have not yet gotten.When designing software, people have to be involved. Human factors can not be neglected. Therefore, it is in tremendous significance to quantify and evaluate the internal effectiveness, failure and defects. In this paper,under the background of trusted network connection specification, a number of issues on Trusted Evaluation were discussed and underwent an in-depth study, and the corresponding solutions were proposed. The main work is as follows.The traditional user terminal software on Trusted Evaluation depends on analyzing and assessing the user's behavior history. It can not be comprehensively responded. Furthermore,the evaluation plan is mainly focused on a certain characteristic, so it does not only have the limitations on the metric form, but also is poor in its general performance.To overcome those above problems, ACDATE Scene models are adopted to analyze the credibility of the user terminal software in this paper. Resulting from the good characteristics, Scene models can be utilized in real-time monitoring. In addition,it is discussed from the six areas of ACDATE to judge the user behaviors,and drawn out a relatively comprehensive criterion to distinguish the abnormal behavior which has the security Trusted Network Connect easily achieved. Secondly, it is proposed the credibility assessment and access control model based on ACDATE, a general extension application of TNC basic connectivity framework and processes. Finally, ACDATE simulation is utilized in the "core network war" model. |
PDF Full Text Request