中国科技核心期刊      中国指挥与控制学会会刊     军事装备类重点期刊
指挥控制与仿真

指挥控制与仿真 >

2018 , Vol. 40 >Issue 1: 123 - 127

DOI: https://doi.org/10.3969/j.issn.1673-3819.2018.01.024

工程实践

可信网络连接的容侵模型及安全协议研究

  • 李林峰 ,
  • 孔祥营 ,
  • 张振华
展开
  • 江苏自动化研究所, 江苏 连云港 222061
李林峰(1993-),男,甘肃平凉人,硕士研究生,研究方向为可信计算、网络安全。
孔祥营(1972-),男,博士,研究员。

收稿日期: 2017-11-20

  修回日期: 2017-12-10

  网络出版日期: 2022-05-14

版权

指挥控制与仿真编辑部, 2018, 版权所有,未经授权,不得转载、摘编本刊文章,不得使用本刊的版式设计。
收起

Intrusion Tolerant Model and Security Protocols of Trusted Network Connection

  • LI Lin-feng ,
  • KONG Xiang-ying ,
  • ZHANG Zhen-hua
Expand
  • Jiangsu Automation Research Institute, Lianyungang 222061, China

Received date: 2017-11-20

  Revised date: 2017-12-10

  Online published: 2022-05-14

Copyright

, 2018, Copyright reserved © 2018. Office of Acta Agronomica Sinica All articles published represent the opinions of the authors, and do not reflect the official policy of the Chinese Medical Association or the Editorial Board, unless this is clearly specified.
Fold

摘要

目前的TNC架构存在着多个方面的局限性,这些局限性限制了TNC架构的应用场景。针对TNC架构缺乏入侵处理的缺陷,为了提高TNC架构的可靠性,使其在被入侵的情况下依然正确地完成认证,提出了一种容忍入侵的冗余服务器模型并设计了服务器集群内部的安全协议。在安全的服务器无法被黑客篡改签名的密码学假设下,模型采用服务器集群替代单点认证服务器。集群里的服务器同步完成认证,并通过多轮信息交换确定安全服务器的范围,再由安全服务器协商选举出代表服务器。代表服务器将最终认证结果交付给接入执行点。安全性分析和效率分析比较表明,模型使可信网络接入架构的可靠性明显提高,在完成安全目标的同时产生的时间开销可以被接受。

关键词: 可信网络连接; 容忍入侵; 安全性分析; 可靠性; 服务器集群

本文引用格式

李林峰 , 孔祥营 , 张振华 . 可信网络连接的容侵模型及安全协议研究[J]. 指挥控制与仿真, 2018 , 40(1) : 123 -127 . DOI: 10.3969/j.issn.1673-3819.2018.01.024

Abstract

In the TNC architecture, there are several limitations that limit the application scenario of the TNC architecture. Concerning the fact that the TNC architecture is lack of invasive treatment, this paper proposed a intrusion tolerant of redundant servers model and a design of security protocols within the servers group in order to improve the reliability of TNC architecture, which still correctly complete the certification in the case of being attacked. Under the assumption that a secure server’s signature couldn’t be tampered with by a hacker, the model used a server cluster instead of a single point authentication server. The server in the cluster completed the authentication synchronously and determined the scope of the secure servers with several rounds of information exchange. Then the proxy server was elected by the secure servers. The proxy server delivered the final authentication results to the policy execution point. Security analysis and efficiency comparision with other protocals show that the model can significantly improve the reliability of trusted network connection architecture, and the time overhead can be accepted while completing security goals.

Key words: trusted network connection(TNC); intrusion tolerance; security analysis; reliability; server cluster

参考文献

[1] TCG trusted network connect TNC architecture for interoperability version 1.1 version 1.1[S]. http://www.trustedcomputinggroup.org,2006.
[2] Federated trusted network connect(TNC) version 1.0, Revision 27[EB/OL].[2009-05-18]. https://www.trustedcomputinggroup.org/wp-content/uploads/TNC-Federated-TNC-v1.0-r27.pdf.
[3] TCG trusted network connect TNC architecture for interoperability specification version 1.3[EB/OL].[2008-09-15]. https://www.trustedcomputinggroup.org/specs/TNC.
[4] TCG trusted network connect TNC architecture for interoperability specification version1.4[EB/OL].http://www.trustedcomputinggroup.org/resources/tcg-architecture-overview-version-14, 2009.
[5] TNC IF-TNCCS: Protocol Bindings for SoH, Version 1.0[EB/OL].[2007-05-21]. https://www.trustedcomputinggroup.org/wp-content/uploads/IF-TNCCS-SOH-v1.0-r8.pdf.
[6] TNC IF-PEP: Protocol Bindings for RADIUS Specification, Version 1.1[EB/OL].[2007-02-01]. https://trustedcomputinggroup.org/wp-content/uploads/TNC-IF-PEP-v1.1-rev-0.8.pdf.
[7] TNC IF-IMC Version 1.1, Revision 5[EB/OL].[2006-05-01].https://trustedcomputinggroup.org/wp-content/uploads/TNC-IFIMC-v1-1-r5.pdf.
[8] TNC IF-IMV Version 1.0, Revision 3[EB/OL].[2005-05-03]. https://trustedcomputinggroup.org/wp-content/uploads/TNC-IFIMV-v1-0-r3.pdf.
[9] 张立茹, 鄢楚平, 詹葆荣. 基于EAP-TTLS的可信网络接入认证技术[J]. 计算机与现代化, 2013(10):111-116.
[10] D. Simon, B. Aboba, R Hurst. "The RFC Series and RFC Editor". RFC 5216. Retrieved March, 2008.
[11] 符湘萍, 吴振强. 可信网络接入认证协议的设计与分析[J]. 计算机工程与设计, 2011,32(12):3993-3996.
[12] 魏达, 贾翔鹏, 王健 等. 基于可信证书的可信网络接入模型及实现[J]. 吉林大学学报(工学版), 2010,40(2):496-500.
[13] 赵世军, 冯登国. 基于属性证明的可信网络接入方案[J]. 武汉大学学报(理学版), 2012,58(6):519-525.
[14] Lamport L, Shostak R, Pease M. The byzantine generals problem[J]. ACM Trans on Programming Languages & Systems. 1982,4(3):382-401.
[15] Castro M. Practical byzantine fault tolerance and proactive recovery[J]. ACM Trans on Computer Systems(TOCS). 2002,20(4):398-461.
[16] Cowling J, Myers D, Liskov B, Rodrigues R, Shrira L. HQ replication: A hybrid quorum protocol for Byzantine fault tolerance. In: Proc. of the 7th Symp. on Operating Systems Design and Implementation. Berkeley: USENIX Association, 2006,177.
[17] Kotla R, Alvisi L, Dahlin M, Clement A, Wong E. Zyzzyva: Speculative Byzantine fault tolerance. In: Proc. of the 21st ACM SIGOPS Symp. on Operating Systems Principles. New York: ACM Press, 2007,4558.
[18] GARCIA-MONILA H. Elections in a distributed computing system[J]. IEEE Transactions on Computers, 1982,100(1):48-59.
[19] Lamport L. Paxos Made Simple[J]. ACM SIGACT News, 2001,32(4):18-25.
Options
文章导航

/