Research On Authentication And Evaluation Protocal In Trusted Network Connection

Open computer networks have brought great convenience to people, but have also brought a huge challenge for protecting information because of a variety of network security issues. Computer users mainly use the traditional single function protection means, which only resist known attacks, but it is hard to prevent loopholes in the system itself and constantly mutated viruses. For most local area network, installing firewalls and security gateways can defend external attacks and virus infection, but it still can neither find loopholes in the system itself, nor prevent unauthorized access stealing security information.Trusted Computing Group (TCG) which was established in 2003 proposes"Trusted Network Connect"(TNC) specification addressing the problem. This specification builds trust chain through the TPM module, and extends the chain to the network. Domestic trusted computing group proposes Trusted Connect Architecture (TCA) based on tri-element peer, which has innovated and improved in TNC.This paper analyses the safety, applicability, and efficiency of TCA deeply, and finds following problems in the authentication and evaluation protocol: 1,The protocol process is too complicated to be used in the open network environment; 2,During the interaction, the computing is too heavy to be afforded by the terminal; 3,The security of protocol needs to be strengthened; 4,The interface specifications between the entities are not supported by secure protocols; 5,Most of the terminals are not with the TPM, so they can't support the protocol.This paper studies the problems above, and the main results can be summarized as follows: 1,An authentication and evaluation protocol confronting the open network for TCA is designed. Through analyzing and approving, the security of protocol is better, and the computing and communicating of the protocol is cutting down sharply; 2,A secure and property enhancing mechanism is designed for interactive interface; 3,A trusted computing terminal based embedded trusted system is presented for implementing TCA prototype system.