
Research On Semantic Remote Attestation

Posted on: 2008-09-16
Degree: Master
Type: Thesis
Country: China
Candidate: X B Dan
GTID: 2178360242958967
Subject: Computer application technology

Abstract/Summary:
With the rapid development of computer technologies and network communications, governments, enterprises, institutions, organizations of all kinds and individuals depend on the network more and more, and computer and network applications have permeated fields such as politics, the economy, society, education and military affairs. Meanwhile, attacks of all kinds, such as computer viruses, Trojan programs and hacker attacks, have made current computer network systems very vulnerable, and the loss caused by malicious behavior is immeasurable.

The development of network applications, especially in electronic commerce, challenges network security mechanisms. It has become necessary to guarantee properties of network systems such as authenticity, integrity, confidentiality, validity and non-repudiation. The current approach to computer security is a static mechanism that places security layers, such as passwords and encryption, between the PC and external networks. The foundations of those security layers, namely the operating system and the hardware, are themselves very vulnerable. It has been shown that the current security mechanism cannot solve all kinds of security problems permanently and is therefore unsatisfactory. The TCG (Trusted Computing Group) therefore put forward the concept of Trusted Computing and drew up the relevant specifications for software implementation and hardware platforms. Trusted Computing is a kind of computer platform whose objective is to build a complete verification system that enhances the security of computer systems.

In this verification system, besides ensuring that each host is secure, remote communication between two hosts is necessary to implement network connections. To secure communication among hosts, remote authentication is needed. Traditional remote authentication has many obvious problems. For example, it authenticates only identity, and only once. It is also a static form of authentication, based on trust in hosts rather than in their behavior. Because the programs on a terminal host may well have been tampered with, or its legitimate identity stolen by a malicious entity, it is impossible to be sure that a terminal host with a legitimate identity will never damage the target system.

To make up for this defect of traditional authentication, a client/server authentication structure is built according to the TNC network connection specification defined by TCG. In this structure, all authentications are dynamic and consistent. Rather than verifying once at the beginning of a connection, it evaluates every security-related aspect of the terminal host and monitors the host's behavior. This new authentication structure is called Semantic Remote Authentication. To make it universal, the widely used Java Virtual Machine, which is independent of the operating system, is adopted as the development platform. Moreover, Semantic Remote Authentication is useful not only on Trusted Computing platforms but also on untrusted computing platforms.
Keywords/Search Tags: network security, Trusted Computing, remote attestation, semantic remote attestation