中国科学院软件研究所机构知识库
Advanced  
ISCAS OpenIR  > 软件所图书馆  > 会议论文
Title:
a drtm-based method for trusted network connection
Author: Feng Wei ; Qin Yu ; Yu Ai-Min ; Feng Dengguo
Source: Proc. 10th IEEE Int. Conf. on Trust, Security and Privacy in Computing and Communications, TrustCom 2011, 8th IEEE Int. Conf. on Embedded Software and Systems, ICESS 2011, 6th Int. Conf. on FCST 2011
Conference Name: 10th IEEE Int. Conf. on Trust, Security and Privacy in Computing and Communications, TrustCom 2011, 8th IEEE Int. Conf. on Embedded Software and Systems, ICESS 2011, 6th Int. Conf. on Frontier of Computer Science and Technology, FCST 2011
Conference Date: November 1
Issued Date: 2011
Conference Place: Changsha, China
Keyword: Access control ; Computer privacy ; Software agents ; Software reliability
Indexed Type: EI
ISBN: 9780769546001
Department: (1) State Key Laboratory of Information Security Institute of Software Chinese Academy of Sciences Beijing 100190 China
Sponsorship: IEEE TCSC; Central South University; National Natural Science Foundation of China (NSFC); StFX University; Zhejiang University
Abstract: Trusted Network Connection (TNC for short) can prevent insecure terminal from accessing protected network and thus strengthen the security of network. Existing TNC solutions face a serious problem called lying endpoint problem (LEP for short). If an attacker modifies the terminal agent software which is responsible for collecting the integrity state of an endpoint platform, Trusted Network Connection will lose its meanings. Trusted Computing Group (TCG) adds the functionality of trusted computing to prevent lying endpoint problem, but TCG's TNC relies on the traditional Static Root of Trust for Measurement (SRTM) which has too big TCB (Trusted Computing Base) and has been proved unsafe. In this paper, we design and implement an improved TNC scheme with high reliability and scalability based on trusted integrity status of terminal. While focusing on LEP problem under the context of Network Access Control (NAC), we leverage Dynamic Root of Trust for Measurement (DRTM) technology to realize desired security requirements such as smaller TCB. We also use the Logic of Secure Systems (LS2) to prove the security properties of our improved TNC system. Our experimental evaluation demonstrates that our method is feasible. © 2011 IEEE.
English Abstract: Trusted Network Connection (TNC for short) can prevent insecure terminal from accessing protected network and thus strengthen the security of network. Existing TNC solutions face a serious problem called lying endpoint problem (LEP for short). If an attacker modifies the terminal agent software which is responsible for collecting the integrity state of an endpoint platform, Trusted Network Connection will lose its meanings. Trusted Computing Group (TCG) adds the functionality of trusted computing to prevent lying endpoint problem, but TCG's TNC relies on the traditional Static Root of Trust for Measurement (SRTM) which has too big TCB (Trusted Computing Base) and has been proved unsafe. In this paper, we design and implement an improved TNC scheme with high reliability and scalability based on trusted integrity status of terminal. While focusing on LEP problem under the context of Network Access Control (NAC), we leverage Dynamic Root of Trust for Measurement (DRTM) technology to realize desired security requirements such as smaller TCB. We also use the Logic of Secure Systems (LS2) to prove the security properties of our improved TNC system. Our experimental evaluation demonstrates that our method is feasible. © 2011 IEEE.
Language: 英语
Content Type: 会议论文
URI: http://ir.iscas.ac.cn/handle/311060/16252
Appears in Collections:软件所图书馆_会议论文

Files in This Item:

There are no files associated with this item.


Recommended Citation:
Feng Wei,Qin Yu,Yu Ai-Min,et al. a drtm-based method for trusted network connection[C]. 见:10th IEEE Int. Conf. on Trust, Security and Privacy in Computing and Communications, TrustCom 2011, 8th IEEE Int. Conf. on Embedded Software and Systems, ICESS 2011, 6th Int. Conf. on Frontier of Computer Science and Technology, FCST 2011. Changsha, China. November 1.
Service
Recommend this item
Sava as my favorate item
Show this item's statistics
Export Endnote File
Google Scholar
Similar articles in Google Scholar
[Feng Wei]'s Articles
[Qin Yu]'s Articles
[Yu Ai-Min]'s Articles
CSDL cross search
Similar articles in CSDL Cross Search
[Feng Wei]‘s Articles
[Qin Yu]‘s Articles
[Yu Ai-Min]‘s Articles
Related Copyright Policies
Null
Social Bookmarking
Add to CiteULike Add to Connotea Add to Del.icio.us Add to Digg Add to Reddit
所有评论 (0)
暂无评论
 
评注功能仅针对注册用户开放,请您登录
您对该条目有什么异议,请填写以下表单,管理员会尽快联系您。
内 容:
Email:  *
单位:
验证码:   刷新
您在IR的使用过程中有什么好的想法或者建议可以反馈给我们。
标 题:
 *
内 容:
Email:  *
验证码:   刷新

Items in IR are protected by copyright, with all rights reserved, unless otherwise indicated.

 

 

Valid XHTML 1.0!
Copyright © 2007-2021  中国科学院软件研究所 - Feedback
Powered by CSpace