Research, Trusted Network Model Based On Behavioral Trust

Posted on: 2012-03-14
Degree: Master
Type: Thesis
Country: China
Candidate: N Wang
Full Text: PDF
GTID: 2208330335971184
Subject: Computer software and theory
Abstract/Summary:
In recent years, the rapid development of networks has made people's daily lives more and more convenient. However, security problems have become increasingly severe along with that development. Most countries and regions now face network security problems nearly every day, such as network fraud, theft of netizens' bank card passwords, and the embezzlement of ideal money. The loss caused by these behaviors is immeasurable.

To ensure the safety of using the network, researchers are taking measures to defend against threats at the perimeter of the network; that is, the defense takes place when the terminal attempts to access the network. At present, most researchers focus on the Trusted Network Connect (TNC) solution proposed by the Trusted Computing Group (TCG). The TNC framework focuses on the terminal, aiming to verify a terminal accessing the network through multi-layer authentication of user identity, platform identity and platform integrity. Nevertheless, problems still exist in this structure. On the one hand, verification of the terminal happens only just before the access stage, and the terminal is no longer traced once it has accessed the network. On the other hand, it is dynamic behavior that actually affects the trustworthiness of the system platform, while TNC verifies a terminal only from the perspective of static integrity.

This paper makes the following contributions on the basis of exploring related Trusted Computing technologies:

1. It proposes a behavior-based trusted network model. This model adds a behavior monitoring layer on top of the integrity measurement layer of TNC to achieve real-time monitoring of the remote platform during its whole process of accessing the network and, meanwhile, to make behavior the core element of remote attestation. This trusted network model overcomes the limitations of past static remote attestation, fundamentally enhances network security, and matches the genuine meaning of a trusted network.

2. It proposes two schemes to implement remote attestation for the model mentioned above. The Behavior-Property based Integrity Attestation Model (BPIAM) is designed to verify the behavior of the remote platform before its connection to the trusted network, while the Dynamic Remote Attestation Model in Real-Time Monitoring (DRAM-RTM) is designed to verify the trustworthiness of the user's behavior in real time after the remote platform has accessed the network.

3. It uses TPM_emulator, JTSS and other related software to partially implement the behavior-based trusted network model under the Linux operating system.
Keywords/Search Tags: Trusted Computing, Trusted Network Connection, Remote Attestation, Behavior Evidence, Real-Time Monitoring