Remote Authentication System Of Virtual Network Computing Based On Trusted Computing

The rapid development of information technology promotes the computing mode continuously updated and makes the computing mode developing from stand-alone computing to network computing. The feature of this mode is that the applications and data are stored and run on the server side, leaving the client only display and I/O device. Without complex computing, users use the terminal device to get resources and applications from the computing center. With the development of this computing mode, more and more applications and software which based on network computing are turning up. The virtual network computing originated from AT&T Cambridge network lab is the representative one, it is thin-client, cross-platform, and low bandwidth, so it has been widely used.The client attestation method of VNC is random challenge response, but the safety of this method is very limited. If the identity attestation message between server and client was intercepted by an attacker, the attacker can establish a connection with the server through the client camouflage, the attacker could also make use of the leak of the platform configurations to spread virus, these could result to data leakage, message tamper and system collapse. So, in order to make sure that the client is trusted, the traditional malicious programs prevention technology applied on top of the operating system cannot completely prevent these attacks.In order to fundamentally solve these security issues, this paper introduces the Trusted Computing technology. The Trusted Computing technology makes the safety of the terminal platform as a starting point, and makes the hardware chip as the trusting starting point, using the trusting chain on the basic of the trust base to build the safe and trusted terminal application environment. Using remote attestation technology on the trusted application platform to achieve the attestation between the two parts of a connection, and it can make sure the safety and trusting. This paper uses the Trusted Cryptography Module and Trusted Chain to construct the remote attestation applied on VNC, applies the remote platform integrity attestation on the VNC, so the server can make sure the safety of the client from hardware to the top application.