• Journal of the China Computer Federation
  • Chinese Science and Technology Core Journal
  • Chinese Core Journal
Article

Design and Implementation of an Authentication Scheme for Trusted Network Connection Based on EAP-TLS

  • (1. Department of Communication Engineering, Beijing Electronic and Science Technology Institute, Beijing 100070;
    2. School of Communication, Xidian University, Xi’an 710071, China)

Received date: 2010-07-29

  Revised date: 2010-10-26

  Online published: 2011-04-25

Abstract

When a terminal accesses a network, the TNC architecture performs trusted authentication of the terminal's platform identity and platform environment, which ensures the credibility of the accessing terminal. However, this trusted authentication is one-way and cannot guarantee the credibility of the network server. EAP-TLS is an extended authentication protocol based on 802.1x that supports mutual authentication. Based on an analysis of the TNC architecture and the mutual authentication mechanism of EAP-TLS, this paper designs an EAP-TLS-based mutual authentication scheme for use in TNC. The scheme is based on the certificates, integrity, and trusted platform environment of both clients and servers. Finally, the paper implements a two-way trusted authentication scheme between the client and the server on the basis of the open-source software FHH@TNC and proves its validity.

Cite this article

CHI Yaping1,YANG Lei1,2,LI Zhaobin1,FANG Yong1 . Design and Implementation of an Authentication Scheme for Trusted Network Connection Based on EAPTLS[J]. Computer Engineering & Science, 2011 , 33(4) : 8 -12 . DOI: 10.3969/j.issn.1007130X.2011.
