摘要
目前的TNC架构存在着多个方面的局限性,这些局限性限制了TNC架构的应用场景。针对TNC架构缺乏入侵处理的缺陷,为了提高TNC架构的可靠性,使其在被入侵的情况下依然正确地完成认证,提出了一种容忍入侵的冗余服务器模型并设计了服务器集群内部的安全协议。在安全的服务器无法被黑客篡改签名的密码学假设下,模型采用服务器集群替代单点认证服务器。集群里的服务器同步完成认证,并通过多轮信息交换确定安全服务器的范围,再由安全服务器协商选举出代表服务器。代表服务器将最终认证结果交付给接入执行点。安全性分析和效率分析比较表明,模型使可信网络接入架构的可靠性明显提高,在完成安全目标的同时产生的时间开销可以被接受。
In the TNC architecture,there are several limitations that limit the application scenario of the TNC architecture.Concerning the fact that the TNC architecture is lack of invasive treatment,this paper proposed a intrusion tolerant of redundant servers model and a design of security protocols within the servers group in order to improve the reliability of TNC architecture,which still correctly complete the certification in the case of being attacked.Under the assumption that a secure server’s signature couldn’t be tampered with by a hacker,the model used a server cluster instead of a single point authentication server.The server in the cluster completed the authentication synchronously and determined the scope of the secure servers with several rounds of information exchange.Then the proxy server was elected by the secure servers.The proxy server delivered the final authentication results to the policy execution point.Security analysis and efficiency comparision with other protocals show that the model can significantly improve the reliability of trusted network connection architecture,and the time overhead can be accepted while completing security goals.
出处
《指挥控制与仿真》
2018年第1期123-127,共5页
Command Control & Simulation
关键词
可信网络连接
容忍入侵
安全性分析
可靠性
服务器集群
trusted network connection(TNC)
intrusion tolerance
security analysis
reliability
server cluster
