
Research On Remediation Technology In Trusted Network Based On Classification Of Level

Posted on: 2010-05-01 | Degree: Master | Type: Thesis
Country: China | Candidate: H M Hu | Full Text: PDF
GTID: 2178360272495978 | Subject: Software engineering
Abstract/Summary:
With the rapid expansion of the Internet and the rapid development of network technology, computers have become ever more important in people's lives and work. However, while modern computers and information technology are changing people's lifestyles and raising the production efficiency of companies, they also leave hidden information security dangers such as spam, computer viruses and denial of service attacks. This network insecurity leaves people with no confidence in the network, and as a result the further development of network functions is limited. The existence of a large number of unsafe terminals is an important factor in network security problems, so how to make terminals "trusted" has become a realistic and urgent issue; the core of information security is shifting toward the "trusted".

The recently proposed trusted computing technology follows this idea. The Trusted Computing Group (TCG) published Trusted Network Connection in 2005. According to this specification, before an Access Requestor (AR) accesses the network, the TNC server decides on the AR's access request in accordance with the current integrity and other security attributes of the AR's system. When the system's integrity and other security properties meet the demands of the access policy, the system is allowed to access the network. In this way the security and credibility of the network can be greatly enhanced.

In the TNC authentication process the remediation network is an important component of the TNC architecture, yet no specific solution is given in the existing TNC specifications. This paper therefore puts forward the model of the Trusted Remediation Network (TRN).
Remediation technology is aimed at ARs that do not satisfy the access requirements: it not only supplies them a trusted and safe remediation service but also, through remediation (such as installing system patches, updating software versions and so on), brings the AR into compliance with the network access requirements so that it can then access the network smoothly. The remediation process of TRN is built on the TNC authentication process. When the AR wants to access the Trusted Network, it first has to undergo trusted authentication of its identity and integrity information. When the integrity verification fails, the Policy Decision Point (PDP) saves the identity of the AR and the content that needs to be remedied, sends them to the AR, and informs the AR that its integrity verification has failed. The Trusted Remediation Application (TRA) consults with the AR on whether to remedy. If the AR decides to remedy, it connects to the remediation server through the Policy Enforcement Point (PEP). After the AR sends its authentication identity to the trusted remediation server, the server verifies the identity of the AR. If the authentication passes, the trusted remediation server supplies the AR with remediation service in accordance with the appropriate remediation strategy. Through remediation measures such as upgrading the firewall version or installing an IE patch, the AR comes to satisfy the PDP's integrity verification and can access the Trusted Network again.

The Trusted Remediation system consists of the Trusted Remediation Application (TRA), a Main Trusted Remediation Server (MTRS) and a number of Trusted Remediation Resource Servers (TRRS). Throughout the remediation process, the TRA is responsible for initiating remediation service requests, showing the remediation progress and status, and handling the remediation resources. The Trusted Remediation Server is divided into the MTRS and the TRRS.
The MTRS is the entity that completes the user's trusted remediation process, including the authentication of the PDP server and the AR, and searching for the addresses of related resources for a legitimate AR. The TRRS is the entity that stores trusted remediation resources; it provides a trusted resource download service for the legitimate AR. Realizing the MTRS is therefore the main part of realizing the trusted remediation server. The MTRS comprises two parts, remediation processing and resource management. The remediation system includes the underlying communication module, the authentication module and the resource handling module. The management system includes two parts, the remediation resource management module and the user information management module.

In practical application of the Trusted Network, an AR's access authority over the various resources and services in the Trusted Network may not be the same for every resource. In order to further enhance the security and flexibility of Trusted Network operations, this paper, based on the existing TNC framework, adds a Trusted Level Decision and puts forward the Hierarchical Trusted Network Framework based on grade division. This paper also combines TRN with grade division and puts forward the model of the Trusted Remediation Network based on Grade Division. An AR that failed integrity measurement can consult with the remediation server through this model, and the remediation network supplies it a service that brings the AR to a certain trusted level. For the remediation module, the working principle is basically the same. In order to realize remediation based on grade division, the PDP has to verify the integrity of the AR together with its trusted attributes and the level the AR wants to reach, one more time. Then the PDP informs the MTRS of the AR's identity information and the remediation items that have to be remedied. The other remediation processes are basically the same as TRN's.
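The remediation cycle described above (PDP integrity check against the requested trusted level, identity and remediation items handed to the remediation server, TRRS resource lookup, then re-verification by the PDP) as an added Python sketch that is not the thesis's code; the policy table, the HMAC-authenticated PDP ticket, the TRRS catalogue and every name in it are constructed assumptions standing in for the thesis's own protocol details:

```python
"""Toy walk-through of the TRN remediation cycle described above (an added
example, not the thesis's code; policy, ticket format and catalogue are assumed)."""
import hashlib
import hmac
import json

# Constructed policy: minimum component versions required for each trusted level.
LEVEL_POLICY = {1: {"firewall": 3}, 2: {"firewall": 3, "ie_patch": 7},
                3: {"firewall": 4, "ie_patch": 7, "antivirus": 12}}
# Constructed TRRS catalogue: item -> (version served, resource address).
TRRS_RESOURCES = {"firewall": (4, "trrs-1.example/firewall-4"),
                  "ie_patch": (7, "trrs-2.example/ie-patch-7"),
                  "antivirus": (12, "trrs-2.example/antivirus-12")}
PDP_MTRS_KEY = b"constructed shared key"  # assumed PDP/MTRS shared secret

def pdp_verify(ar_id, measurements, target_level):
    """PDP check against the requested level; returns (passed, items, ticket)."""
    required = LEVEL_POLICY[target_level]
    items = {k: v for k, v in required.items() if measurements.get(k, 0) < v}
    if not items:
        return True, {}, None
    # PDP saves AR identity plus the items to remedy, authenticated for the MTRS.
    body = json.dumps({"ar": ar_id, "level": target_level, "items": items},
                      sort_keys=True).encode()
    tag = hmac.new(PDP_MTRS_KEY, body, hashlib.sha256).hexdigest()
    return False, items, (body, tag)

def mtrs_serve(ar_id, ticket):
    """MTRS: authenticate ticket and AR, return TRRS addresses (None = refused)."""
    body, tag = ticket
    expected = hmac.new(PDP_MTRS_KEY, body, hashlib.sha256).hexdigest()
    if not hmac.compare_digest(tag, expected):
        return None  # ticket forged or altered after the PDP issued it
    record = json.loads(body)
    if record["ar"] != ar_id:
        return None  # presented by an AR other than the one the PDP recorded
    return {i: TRRS_RESOURCES[i] for i in record["items"] if i in TRRS_RESOURCES}

def remediate(ar_id, measurements, target_level):
    """Full cycle: PDP check, remediation through MTRS/TRRS, PDP re-check."""
    passed, _, ticket = pdp_verify(ar_id, measurements, target_level)
    if passed:
        return True, dict(measurements)
    resources = mtrs_serve(ar_id, ticket)
    if resources is None:
        return False, dict(measurements)
    updated = dict(measurements)
    for item, (version, _address) in resources.items():
        updated[item] = max(updated.get(item, 0), version)  # AR installs the fix
    return pdp_verify(ar_id, updated, target_level)[0], updated
```

Raising the target level changes only which items the PDP records, so the same MTRS and TRRS code serves both the plain TRN flow and the grade-division variant.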
Keywords/Search Tags: Trusted Network, Trusted Network Connection, Trusted Remediation, Grade Division