Combining User and Platform Trust Properties to Enhance VPN Client Authentication

Authors

  • Patrick George
  • Gérald Maunier
Abstract

With PC manufacturers aggressively pushing trusted architectures in their new models, Trusted Platforms are quickly becoming a major component of the IT landscape. These platforms embed a security chip, the Trusted Platform Module (TPM), that is primarily used to attest the integrity of the system but that can also accurately identify the platform. While platform identification raises privacy issues in the consumer space, it represents a major requirement for corporations. Platform identification is particularly important in the case of remote access to corporate resources. Today, Virtual Private Network (VPN) client authentication mostly focuses on end-user identity without addressing the trust properties of the platform the end-user is operating. Starting with the benefits that TPM-based platform identification and authentication can bring to VPN client authentication, this paper demonstrates how platform and end-user trust properties can be combined in a standard VPN authentication framework, such as the Extensible Authentication Protocol, and discusses possible implementations.

Similar resources

Bandwidth and Delay Optimization by Integrating of Software Trust Estimator with Multi-User Cloud Resource Competence

Trust Establishment is one of the significant resources to enhance the scalability and reliability of resources in the cloud environment. To establish a novel trust model on SaaS (Software as a Service) cloud resources and to optimize the resource utilization of multiple user requests, an integrated software trust estimator with multi-user resource competence (IST-MRC) optimization mechanism is...

A Person-Oriented Ubiquitous and Secure Information Communication Environment Supported by Data-Driven Networking Processor

This paper proposes a basic concept of a person-oriented ubiquitous and secure information sharing environment. In the ubiquitous network environment, people, within a predefined restriction, can access and use information, network and computing resources wherever and whenever they are. Here, the owner of the resource and/or information is not necessarily the same as the user. At the same time, the u...

Proof of Concept Implementation of Trustworthy Mutual Attestation Architecture for True Single Sign-on

To overcome computer network issues, user credentials for security and management have been used for single sign-on solutions and they have apparently helped to boost the security and usability of credentials. For true single sign-on solutions, where trusted entities are assisted by trusted platform module in the client and server platforms, they need a module that plays the role of authenticat...

An Enhanced Remote Authentication Scheme using Secure Key Exchange Protocol with Platform Integrity Attestation

Most remote authentication schemes use a key exchange protocol to provide secure communication over an untrusted network. The protocol enables a remote client and host to authenticate each other and communicate securely with a prearranged shared secret key or server secret key. Many remote service environments such as online banking and electronic commerce are dependent on remote authentication schem...

User Authentication with Smart Cards in Trusted Computing Architecture

The introduction of smart cards into trusted architectures establishes a clear-cut separation between the roles and responsibilities of both platform and user. On one hand, the Trusted Platform Module (TPM) ensures the platform trustworthiness and secures platform credentials and secrets, while smart cards guarantee user identity and protect user credentials and access authorization. Starting f...

Publication date: 2005