Trusted connection verification method for mobile terminal user in cloud environment
1. A trusted connection verification method for a mobile terminal user in a cloud environment, characterized in that it comprises the following steps:
S1, the trusted connection verification comprises three entities, namely an access request end, an access control end and a policy management end;
the access request end comprises an access requester, a trusted connection client and an integrity collector; the access control end comprises an access controller, a trusted connection access point and an integrity collector; and the policy management end comprises an authentication policy server, an evaluation policy server and an integrity checker;
the trusted connection verification is divided into four layers, namely an integrity measurement layer, a trusted platform evaluation layer, a network access control layer and an isolation repair layer;
in the network access control layer, the access requester, the access controller and the authentication policy server execute a user identity authentication protocol to realize bidirectional user identity authentication between the access request end and the access control end;
in the trusted platform evaluation layer, the trusted connection client, the trusted connection access point and the evaluation policy server execute a trusted platform evaluation protocol;
in the integrity measurement layer, the integrity collectors collect platform integrity measurement values of the access request end and the access control end, and the integrity checker checks the platform integrity measurement values;
in the isolation repair layer, when the platform integrity measurement of the access request end and the access control end fails, the access request end and the access control end are placed in an isolation area to repair or upgrade the platform integrity;
S2, before the network connection is established and the integrity check is performed, the trusted connection client initializes the integrity collector according to the platform binding;
S3, the mobile terminal user, acting as the access request end, initiates an access request to the access control end;
S4, after the access control end receives the access request from the access request end, the access control end executes the user identity authentication protocol and controls its local access port according to the user identity authentication result; during user identity authentication, the access request end and the access control end negotiate a master key, and then negotiate a session key using the master key;
S5, after the user identity authentication and the key negotiation succeed, the access request end and the access control end respectively notify the trusted connection client and the trusted connection server of the success; if the negotiation fails, network access is refused;
S6, trusted platform evaluation is performed on the access request end and the access control end;
S7, after the access request end and the access control end complete the trusted platform evaluation, the trusted connection client and the trusted connection server make a decision according to the trusted platform evaluation result generated by the policy management end and send the decision to the access request end and the access control end respectively; if the evaluation fails, network access is refused;
and S8, the access request end and the access control end control their local access ports according to the received decision, thereby realizing the trusted connection, wherein the decision is one of permission, prohibition or isolation.
2. The trusted connection verification method for a mobile terminal user in a cloud environment according to claim 1, wherein the platform integrity repair or upgrade, the user identity authentication protocol and the trusted platform evaluation protocol performed in S1 are all bidirectional peer-to-peer authentication protocols based on a trusted third-party policy manager, which are called ternary peer-to-peer authentication protocols.
3. The trusted connection verification method for a mobile terminal user in a cloud environment according to claim 1, wherein the access request end and the access control end perform the corresponding platform integrity information collection and platform integrity verification according to a security policy, and the security policy sets corresponding policies for users of different levels and for different access services and issues them for execution;
the step of making the security policy comprises: when the user's access point receives the network request of the access request end, the user information is sent to the policy management end, the policy management end evaluates it against the formulated policy, and an evaluation result is returned.
4. The trusted connection verification method for a mobile terminal user in a cloud environment according to claim 1, wherein step S6 comprises:
S61, when the trusted connection server receives the key negotiation success information, it activates the trusted platform evaluation process, and the trusted connection client and the policy management end execute the trusted platform evaluation protocol to realize bidirectional trusted platform evaluation of the access request end and the access control end, wherein the bidirectional trusted platform evaluation comprises identity authentication and platform integrity verification;
S62, during the trusted platform evaluation process, the trusted connection client and the trusted connection server each exchange information with the integrity collector of the integrity measurement layer through the IF-IMC interface;
and S63, the evaluation policy server is responsible for verifying the validity of the PKI certificates of the access request end and the access control end, and calls the integrity checker of the integrity measurement layer through the IF-I interface to complete the platform integrity check of the access request end and the access control end and generate a trusted platform evaluation result for the access request end and the access control end.
Background
With the development of information technology, cloud computing has been widely applied in the industrial and commercial fields, and the strong storage capacity and computing resources of cloud computing encourage more and more individuals and enterprises to outsource data and services to cloud service providers. Meanwhile, with the development of mobile networks, sharing and querying data through mobile terminals in cloud computing environments is becoming more and more common. Since the key data of many enterprises and governments is stored in the cloud, and encryption of that data alone does not counter continuous illegal intrusion attacks, realizing trusted connection verification of the mobile terminal user in the cloud computing environment is very important.
The trusted connection verification method measures the platform state of the mobile terminal before the mobile terminal accesses the network, and only a terminal that meets the network security policy is allowed to access the network, so that a terminal posing a potential threat to the network cannot access it directly. Trusted connection is an important component of the trusted computing architecture: it is a structure for verifying the connection of a terminal equipped with a trusted platform control module, and it aims to extend the chain of trust from the terminal to the network, extending the trusted state of a single terminal to the interconnected system.
In order to realize these functions, the trusted connection verification method aims to solve the following key problems:
(1) trusted platform evaluation: verifying the identity of the mobile terminal, the identity of the platform and the integrity of the platform;
(2) terminal policy authorization: confirming the trusted status of the mobile terminal, for example the existence, state and upgrade condition of application programs, the versions of the antivirus software and the IS rule base, the patch level of the operating system and application programs, and the like; the terminal is then given an authority with which it can log in to the network, so that it obtains the network access right under the control of that authority;
(3) access policy: confirming the authority of the mobile terminal and its user, establishing a credibility level before the mobile terminal is connected to the network, and balancing the existing standards, products and technologies;
(4) assessment, isolation and remediation: confirming whether the mobile terminal conforms to the trusted policy and, if the terminal does not conform to the security policy, isolating it outside the trusted network.
Disclosure of Invention
The invention provides a trusted connection verification method facing a mobile terminal user in a cloud environment, which improves the safety and reliability of trusted connection verification.
The invention relates to a trusted connection verification method facing a mobile terminal user in a cloud environment, which comprises the following steps:
S1, the trusted connection verification comprises three entities, namely an access request end, an access control end and a policy management end;
the access request end comprises an access requester, a trusted connection client and an integrity collector; the access control end comprises an access controller, a trusted connection access point and an integrity collector; and the policy management end comprises an authentication policy server, an evaluation policy server and an integrity checker;
the trusted connection verification is divided into four layers, namely an integrity measurement layer, a trusted platform evaluation layer, a network access control layer and an isolation repair layer;
in the network access control layer, the access requester, the access controller and the authentication policy server execute a user identity authentication protocol to realize bidirectional user identity authentication between the access request end and the access control end;
in the trusted platform evaluation layer, the trusted connection client, the trusted connection access point and the evaluation policy server execute a trusted platform evaluation protocol;
in the integrity measurement layer, the integrity collectors collect platform integrity measurement values of the access request end and the access control end, and the integrity checker checks the platform integrity measurement values;
in the isolation repair layer, when the platform integrity measurement of the access request end and the access control end fails, the access request end and the access control end are placed in an isolation area to repair or upgrade the platform integrity;
S2, before the network connection is established and the integrity check is performed, the trusted connection client initializes the integrity collector according to the platform binding;
S3, the mobile terminal user, acting as the access request end, initiates an access request to the access control end;
S4, after the access control end receives the access request from the access request end, the access control end executes the user identity authentication protocol and controls its local access port according to the user identity authentication result; during user identity authentication, the access request end and the access control end negotiate a master key, and then negotiate a session key using the master key;
S5, after the user identity authentication and the key negotiation succeed, the access request end and the access control end respectively notify the trusted connection client and the trusted connection server of the success; if the negotiation fails, network access is refused;
S6, trusted platform evaluation is performed on the access request end and the access control end;
S7, after the access request end and the access control end complete the trusted platform evaluation, the trusted connection client and the trusted connection server make a decision according to the trusted platform evaluation result generated by the policy management end and send the decision to the access request end and the access control end respectively; if the evaluation fails, network access is refused;
and S8, the access request end and the access control end control their local access ports according to the received decision, thereby realizing the trusted connection, wherein the decision is one of permission, prohibition or isolation.
Further, the platform integrity repair or upgrade, the user identity authentication protocol and the trusted platform evaluation protocol performed in S1 are all bidirectional peer-to-peer authentication protocols based on the trusted third-party policy manager, which are called ternary peer-to-peer authentication protocols.
Further, the access request end and the access control end perform the corresponding platform integrity information collection and platform integrity verification according to a security policy, and the security policy sets corresponding policies for users of different levels and for different access services and issues them for execution;
the step of making the security policy comprises: when the user's access point receives the network request of the access request end, the user information is sent to the policy management end, the policy management end evaluates it against the formulated policy, and an evaluation result is returned.
Further, the specific steps of S6 comprise:
S61, when the trusted connection server receives the key negotiation success information, it activates the trusted platform evaluation process, and the trusted connection client and the policy management end execute the trusted platform evaluation protocol to realize bidirectional trusted platform evaluation of the access request end and the access control end, wherein the bidirectional trusted platform evaluation comprises identity authentication and platform integrity verification;
S62, during the trusted platform evaluation process, the trusted connection client and the trusted connection server each exchange information with the integrity collector of the integrity measurement layer through the IF-IMC interface;
and S63, the evaluation policy server is responsible for verifying the validity of the PKI certificates of the access request end and the access control end, and calls the integrity checker of the integrity measurement layer through the IF-I interface to complete the platform integrity check of the access request end and the access control end and generate a trusted platform evaluation result for the access request end and the access control end.
The invention realizes the security of the trusted connection through a ternary peer entity authentication and access control method, a multi-layer architecture design, a unified access control protocol and interface support, so that an illegally accessing terminal cannot access the trusted network.
Drawings
FIG. 1 is a block diagram of the trusted connection verification of the present invention based on a trusted information system;
FIG. 2 is a flow diagram of a trusted connection verification method of the present invention;
FIG. 3 is a block diagram of the trusted connection verification of the present invention;
FIG. 4 is a data processing flow diagram of a network connection request processing module of the present invention;
FIG. 5 is a data processing flow diagram of the trusted authentication processing module of the present invention;
FIG. 6 is a data processing flow diagram of the isolation processing module of the present invention;
FIG. 7 is a data processing flow diagram of the integrity collection processing module of the present invention;
FIG. 8 is a data processing flow diagram of the policy processing module of the present invention.
Detailed Description
The present invention will be described in further detail with reference to the accompanying drawings.
The invention is developed on a Linux system in standard C, and cross-platform portability is taken into consideration during development.
The trusted connection verification comprises three entities, namely an access request end, an access control end and a policy management end, and is divided into four layers: an integrity measurement layer, a trusted platform evaluation layer, a network access control layer and an isolation repair layer. The structural relationship and the calling flow are shown in figure 1.
The access request end comprises an access requester, a trusted connection client and an integrity collector; the access control end comprises an access controller, a trusted connection access point and an integrity collector; and the policy management end comprises an authentication policy server, an evaluation policy server and an integrity checker.
In the network access control layer, the access requester, the network access controller and the authentication policy server execute a user identity authentication protocol to realize bidirectional user identity authentication between the access requester and the access controller.
In the trusted platform evaluation layer, the trusted connection client, the trusted connection access point and the evaluation policy server execute a trusted platform evaluation protocol.
In the integrity measurement layer, the integrity collectors collect platform integrity measurement values of the access requester and the access control end, and the integrity checker checks the platform integrity measurement values.
In the isolation repair layer, when the platform integrity measurement of the access request end and the access control end fails, the access request end and the access control end are placed in an isolation area. The user identity authentication protocol and the trusted platform evaluation protocol used for repairing or upgrading the platform integrity are both bidirectional peer-to-peer authentication protocols based on a trusted third-party policy manager, called ternary peer-to-peer authentication protocols. The network access control layer executes the access control method based on ternary peer authentication: the access request end and the network access control end perform port control according to the user identity authentication result and the connection decision sent by the trusted platform evaluation layer, thereby realizing access control.
Each layer communicates with the others through defined communication interfaces, which are called directly for processing. The isolation repair layer isolates the access request end after the platform integrity measurement fails and then calls the relevant interface of the isolation resource server to perform repair and upgrade. The integrity measurement layer collects the integrity information before the connection request, so this part of the work is completed in advance; later, when the evaluation layer performs the platform integrity evaluation, it calls the platform integrity check interface to carry out the integrity measurement work. The network access control layer is the foundation: when access control is being verified, it triggers the relevant processing of the evaluation layer.
As shown in figure 2, the method of the invention comprises the following processes:
First, before a network connection is established and an integrity check is performed, the trusted connection client must initialize the integrity collector according to the specific platform binding.
(1) The access request end initiates an access request to the network access control end;
(2) after receiving the access request from the access request end, the network access control end executes the user identity authentication protocol with the access request end and the authentication policy server to realize bidirectional user identity authentication of the access request end and the access control end. During user identity authentication the policy management end acts as the trusted third party. The access request end and the access control end negotiate a master key and then negotiate a session key using the master key, and they control their local access ports according to the user identity authentication result;
(3) after the user identity authentication and the key agreement succeed, the access request end and the access control end respectively notify the trusted connection client and the trusted connection server of the success;
(4A) when the trusted connection server receives the success information, it activates the trusted platform evaluation process and executes the trusted platform evaluation protocol with the trusted connection client and the evaluation policy server, realizing bidirectional trusted platform evaluation, namely platform identity authentication and platform integrity verification, of the access request end and the access control end;
(4B) during the trusted platform evaluation process, the trusted connection client and the trusted connection server each exchange information with the integrity collector of the integrity measurement layer through the integrity measurement collection interface;
(4C) the evaluation policy server is responsible for verifying the validity of the PKI certificates of the access request end and the access control end, and calls the integrity checker of the integrity measurement layer through the integrity measurement check interface to complete the platform integrity check of the access request end and the access control end, finally generating a trusted platform evaluation result for the access request end and the access control end;
(5) when the trusted platform evaluation of the access request end and the access control end is finished, the trusted connection client and the trusted connection server make decisions according to the trusted platform evaluation result generated by the evaluation policy server and send the decisions to the access request end and the access control end respectively.
Finally, the access request end and the access control end control their local access ports according to the received decision (permission/prohibition/isolation) to realize the trusted connection verification: the access controller controls the access of the access request end to the protected network according to the connection decision, and the access request end decides according to the connection decision whether to connect to the network.
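The following C program is an added example, not code from the patent, showing how the port-control decision of steps S4 to S8 and of flow items (1) to (5) above composes layer by layer: a failure in the network access control layer refuses access before the trusted platform evaluation layer runs, a platform whose PKI certificate fails is prohibited, and a platform whose integrity measurement fails is isolated rather than prohibited so that the isolation repair layer can act and lift the isolation after a passing re-measurement. The protocol results are modelled as booleans (the real results come from the authentication policy server, the evaluation policy server and the integrity checker); the type and function names are this example's own.

```c
#include <stdbool.h>
#include <stdio.h>

/* Added example, not the patent's own code: port-control logic of the
 * access control end, modelled on steps S4 to S8. The inputs stand in for
 * the results returned by the three policy management servers. */

typedef enum { DECISION_PERMIT, DECISION_PROHIBIT, DECISION_ISOLATE } decision_t;

typedef enum {
    PORT_CLOSED,    /* prohibition, or a failure before a decision was reached */
    PORT_OPEN,      /* permission: access to the protected network */
    PORT_ISOLATED   /* isolation: only the repair resource server is reachable */
} port_state_t;

typedef struct {
    bool user_auth_ok;        /* S4: bidirectional user identity authentication passed */
    bool key_negotiation_ok;  /* S4: master key, then session key, negotiated */
    bool platform_cert_ok;    /* S63: PKI certificate of the peer platform is valid */
    bool integrity_ok;        /* S63: integrity checker accepts the measurement values */
} tnc_results_t;

/* S5 to S7: derive the connection decision layer by layer. */
decision_t make_decision(const tnc_results_t *r)
{
    if (!r->user_auth_ok || !r->key_negotiation_ok)
        return DECISION_PROHIBIT;   /* S5: network access refused, no evaluation runs */
    if (!r->platform_cert_ok)
        return DECISION_PROHIBIT;   /* S7: platform identity evaluation failed */
    if (!r->integrity_ok)
        return DECISION_ISOLATE;    /* hand the platform to the isolation repair layer */
    return DECISION_PERMIT;
}

/* S8: the local access port follows the received decision. */
port_state_t apply_decision(decision_t d)
{
    switch (d) {
    case DECISION_PERMIT:  return PORT_OPEN;
    case DECISION_ISOLATE: return PORT_ISOLATED;
    default:               return PORT_CLOSED;
    }
}

/* Isolation repair layer: after repair or upgrade the platform integrity is
 * measured again, and isolation is lifted only when the new measurement
 * passes. A port that was never isolated is left unchanged. */
port_state_t after_repair(port_state_t current, bool remeasured_integrity_ok)
{
    if (current != PORT_ISOLATED)
        return current;
    return remeasured_integrity_ok ? PORT_OPEN : PORT_ISOLATED;
}

static const char *decision_name(decision_t d)
{
    return d == DECISION_PERMIT ? "permit" : d == DECISION_ISOLATE ? "isolate" : "prohibit";
}

int main(void)
{
    /* Constructed cases: a healthy platform, one with failed integrity
     * measurement, and one whose user identity authentication fails. */
    tnc_results_t cases[] = {
        { true,  true, true, true  },
        { true,  true, true, false },
        { false, true, true, true  },
    };
    for (size_t i = 0; i < sizeof cases / sizeof cases[0]; i++) {
        decision_t d = make_decision(&cases[i]);
        printf("case %zu: decision=%s port=%d\n", i, decision_name(d), (int)apply_decision(d));
    }
    return 0;
}
```

The ordering of the checks in make_decision is the point: the layers are not independent filters but a sequence, and a peer that fails early never reaches the integrity check, so an isolation decision is only ever issued to a platform whose user and platform identities have already been authenticated.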
The trusted connection verification is divided into modules as shown in figure 3: a network connection request module, a trusted authentication processing module, an isolation processing module, an integrity collection processing module and a policy processing module, each of which is explained in detail below.
Fig. 4 is a data processing flow chart of the network connection request processing module of the present invention. The network connection request processing module is implemented at the access request end and is the entry point of the trusted connection verification system. It is triggered when a network request is made: it first verifies whether the connection is trusted; if so, network access is allowed; otherwise trusted authentication processing is performed, and network access is allowed if the authentication passes and blocked if it fails.
Fig. 5 shows the data processing flow of the trusted authentication processing module of the present invention. The trusted authentication processing module is implemented at the access request end and is triggered when the network connection has not been verified to be in a trusted state. User identity authentication is performed first; once it passes, platform identity authentication is performed; once that passes, platform integrity measurement is performed. If the platform does not pass, it enters the isolation area and isolation processing follows.
Fig. 6 is a data processing flow chart of the isolation processing module of the present invention. The isolation processing module is implemented at both the access request end and the access control end and is triggered after the platform integrity measurement fails. The access request end and the access control end are isolated; an isolated end cannot use network access services and can only connect to the repair resource server for repair or upgrade. After the upgrade or repair is complete, the platform integrity is measured again, and isolation is lifted once the measurement passes.
Fig. 7 shows the data processing flow of the integrity collection processing module of the present invention. The integrity collection processing function must be provided at both the access request end and the access control end, and collection must take place before the network connection; it covers information about the hardware platform, the installed operating system and some important application software, such as antivirus software and the firewall. At run time, whether to collect is decided according to the configuration instruction; if collection is required, the platform integrity information is collected and stored for use in the platform integrity verification.
Fig. 8 is a data processing flow chart of the policy processing module of the present invention. The access request end and the access control end perform the corresponding platform integrity information collection and platform integrity verification according to the security policy. The policy processing module is implemented at the policy manager end, and its main functions are the formulation of the security policy, the platform integrity verification and the execution of the policy. The security policy sets corresponding policies for users of different levels and for different access services. When the user's access point receives a network request from the access request end, the user information is sent to the policy server, which evaluates it against the formulated policies and returns the evaluation result. Once the security policy has been formulated for different users, platforms and services, it must be issued and executed. Executing the security policy mainly means performing policy evaluation according to the user information, at which point the platform integrity verification is performed.
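The following C program is an added example, not code from the patent, covering the integrity collection processing module (figure 7) and the policy processing module (figure 8) together: a collector turns the collected component information (operating system, antivirus software, firewall, patch level) into measurement values ahead of the connection, and a checker compares those values with a reference manifest, requiring only the components that the security policy lists for the user's level. The hash is FNV-1a, a stand-in for whatever measurement function the platform uses; the component names, version strings and the three user levels are constructed for the example and are not from the patent.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Added example, not the patent's own code: integrity collector plus
 * policy-driven integrity checker. Hash, component names and user levels
 * are constructed stand-ins. */

#define MAX_COMPONENTS 8

typedef enum { LEVEL_GUEST = 0, LEVEL_STAFF = 1, LEVEL_ADMIN = 2 } user_level_t;

typedef struct { const char *name; const char *info; } component_t;   /* what the collector reads */
typedef struct { const char *name; uint64_t value; } measurement_t;   /* stored measurement value */

/* FNV-1a 64-bit: constructed placeholder for the platform measurement hash. */
static uint64_t measure(const char *s)
{
    uint64_t h = 1469598103934665603ULL;
    for (; *s; s++) { h ^= (unsigned char)*s; h *= 1099511628211ULL; }
    return h;
}

/* Integrity collector: measure every collected component before the network
 * connection; the results are stored for the later platform integrity check. */
size_t collect_integrity(const component_t *comps, size_t n, measurement_t *out)
{
    size_t i;
    for (i = 0; i < n && i < MAX_COMPONENTS; i++) {
        out[i].name  = comps[i].name;
        out[i].value = measure(comps[i].info);
    }
    return i;
}

/* Security policy: which components a user of a given level must present in
 * the reference state. Each level requires everything the lower levels do. */
static const char *const policy_required[][MAX_COMPONENTS] = {
    [LEVEL_GUEST] = { "os", "antivirus", NULL },
    [LEVEL_STAFF] = { "os", "antivirus", "firewall", NULL },
    [LEVEL_ADMIN] = { "os", "antivirus", "firewall", "os_patch_level", NULL },
};

static const measurement_t *find(const measurement_t *m, size_t n, const char *name)
{
    for (size_t i = 0; i < n; i++)
        if (strcmp(m[i].name, name) == 0) return &m[i];
    return NULL;
}

/* Integrity checker: every component the policy requires for this level must
 * be present in the collected set and match the reference value. Returns the
 * number of failing components (0 = pass); a missing component counts as a
 * failure, so a terminal cannot pass by simply not reporting a component. */
int check_integrity(user_level_t level,
                    const measurement_t *collected, size_t n_collected,
                    const measurement_t *reference, size_t n_reference,
                    const char **first_failure)
{
    int failures = 0;
    if (first_failure) *first_failure = NULL;
    for (const char *const *req = policy_required[level]; *req; req++) {
        const measurement_t *c = find(collected, n_collected, *req);
        const measurement_t *r = find(reference, n_reference, *req);
        if (!c || !r || c->value != r->value) {
            if (first_failure && !*first_failure) *first_failure = *req;
            failures++;
        }
    }
    return failures;
}

/* Constructed scenario: the reference platform runs firewall fw-1.4; the
 * actual platform may run an outdated firewall and may omit the patch-level
 * record. Returns the checker's failure count for the given user level. */
int example_failures(user_level_t level, bool firewall_current, bool report_patch_level,
                     const char **first_failure)
{
    component_t approved[] = { {"os", "linux-5.10"}, {"antivirus", "av-2.3"},
                               {"firewall", "fw-1.4"}, {"os_patch_level", "2021-06"} };
    component_t actual[]   = { {"os", "linux-5.10"}, {"antivirus", "av-2.3"},
                               {"firewall", firewall_current ? "fw-1.4" : "fw-1.2"},
                               {"os_patch_level", "2021-06"} };
    measurement_t ref[MAX_COMPONENTS], got[MAX_COMPONENTS];
    size_t nr = collect_integrity(approved, 4, ref);
    size_t ng = collect_integrity(actual, report_patch_level ? 4 : 3, got);
    return check_integrity(level, got, ng, ref, nr, first_failure);
}

int main(void)
{
    const char *why = NULL;
    printf("guest, outdated firewall: %d failures\n", example_failures(LEVEL_GUEST, false, true, &why));
    printf("staff, outdated firewall: %d failures (%s)\n",
           example_failures(LEVEL_STAFF, false, true, &why), why ? why : "-");
    printf("admin, no patch record:   %d failures (%s)\n",
           example_failures(LEVEL_ADMIN, true, false, &why), why ? why : "-");
    return 0;
}
```

The same collected measurements yield different verdicts for different user levels, which is what the per-level policy in figure 8 means in practice: a guest with an outdated firewall passes, a staff user with the same platform is sent to the isolation repair layer, and an administrator who fails to report a required component is treated as failing rather than as unknown.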
In summary, the present invention realizes the security of the trusted connection through a ternary peer entity authentication and access control method, a multi-layer architecture design, a unified access control protocol and interface support, so that an illegally accessing terminal cannot access the trusted network.
The above embodiments serve only to illustrate and explain the technical solution of the present invention and should not be construed as limiting the scope of the claims. It should be clear to those skilled in the art that any simple modification or replacement based on the technical solution of the present invention may be adopted to obtain a new technical solution, which falls within the scope of the present invention.