
Research And Implementation Of The Key Technologies In Trustworthy Multi-level Authentication

Posted on: 2007-03-30 | Degree: Master | Type: Thesis
Country: China | Candidate: F Yan | Full Text: PDF
GTID: 2178360215970264 | Subject: Computer Science and Technology
Abstract/Summary:
With the spread of Internet applications, attacks by malware such as viruses and worms have become extraordinarily prominent. The lack of endpoint protection in existing security measures has given hackers an opening. Trusted Network Connection (TNC), which is built on protecting the endpoint, can effectively control the spread of malware and improve the defensive ability of endpoint systems by adopting the idea of endpoint measurement.

In this thesis, the TNC specification is studied in depth, and the following contributions are made:

First, to address the problem that existing protocols give poor protection to endpoints, we designed and implemented a protocol called TNC-PKI by combining the endpoint measurement ideas of the Trusted Network Connection specification with the cryptographic technology of Public Key Infrastructure. The protocol not only offers user identity authentication but can also carry the endpoint measurement, so it can prevent unexpected endpoints from connecting and offers full-scale protection to endpoints, the network and servers.

Second, to address the problem that authentication and authorization were disjoint, we adopted the idea of trustworthiness and designed and deduced a multi-level authentication scheme based on the TNC-PKI protocol. The scheme lets the server systems derive the security state of a given endpoint from the authentication results and activate the corresponding access rights for it, so endpoints in every security state can enjoy some access rights.

Third, in order to make the idea of multi-level authentication systematic, we integrated the trustworthiness technology and established security rules for stages including logging, authentication and information flow control. In addition, a formal description and security analysis of the rules are given.

Fourth, in order to implement the TNC-PKI protocol, we compared different interception technologies and concluded that an NDIS Intermediate Driver was the best choice for the implementation, because viruses and worms can hardly avoid being blocked at this layer, so the security of the protocol can be further improved.

Fifth, to check the validity of the TNC-PKI protocol, we carried out function and performance tests in a LAN where trusted computers and entrusted computers coexist. The results indicated the integrity of the code and the low-cost, high-security character of the protocol. At the same time, we demonstrated the validity of the multi-level authentication theory by comparing the test results of the code with the deduced results of the multi-level authentication scheme.
Keywords/Search Tags: TNC, endpoint integrity measurement, secure authentication protocols, multi-level authentication