The Design And Realization Of The Trusted Access System Of Node In Community Network

As the network-technology develops rapidly and diversified network service appears continuously, the security of network is more important than ever; Community-Network is just a most typical network with high demand of security. In Community-Network, the security of the node becomes a vital indicator of the security of Community-Network.A trusted access system of node in Community-Network that support multi-platform and the quantitative standard for the nodes'security is designed and realized based on the research of the trusted connection method, by using the behaviors'analysis data collected by net monitoring and technology of vulnerability-scanning based on OVAL/CVE and the marking principle of CVSS. The main work in this thesis is listed as follows:(1) The behaviors of network-users are studied. The theory and technology about the measured data from the analysis of the network-users'behaviors are analyzed to provide the theoretical support basis for the design of the trusted access system of node in Community-Network. The monitoring service of the trusted access system based on the Community-Network provides the results of the collection and analysis about data. Quantitative scoring scale of the reliability about the influence of security and accessing which comes from the behaviors of the network-users was showed in this type of network. It also provides theoretical and technical support for the designing, analysis and implementation of the trusted access system.(2)The technology of vulnerability-scanning is studied, and so is the related technology and theory of vulnerability canning and assessment. CVE,OVAL and CVSS,OVAL are deeply researched in order to support the design of trusted access system of node in Community-Network with theoretical evidence.(3) Based on the data collected from the analyses of the network-users, the technology of the vulnerability-scanning based on OVAL and the scoring rules of CVSS, an integrated scheme of the trusted access system of node in Community-Network is realized. The architecture, the working-process and the modules are described in details.(4) The main functions of the system are realized. The important technologies such as the trusted-access algorithm, the method of acquisition data and the key of the vulnerability-scanning are described in details. The working-process and the implementation method of an example about the trusted access system of node in Community-Network are established.The implementation by the trusted access system of node in Community-Network shows that the designing of the system has a strong applicability and flexibility of the different disposition schemes in different architectures of the Community-Network. It displays high effectiveness and stability during the testing of the trusted access evaluation in the different systems and multiple online-hosts. The system also provides reliability and manageability for the node-accessing in the Community-Network which based on the internet explorer. The security of the Community-Network's environment is guaranteed by the trusted system of node in Community-Network.