Distributed Trusted Network Connection Architecture Based on Blockchain

CLC Number: TP309

Fund Project: CHB National Science and Technology Major Project of China (2013ZX01029002G001)

    Abstract:

    Trusted network connection is the key technology for extending the trust relationship from the terminal to the network. However, TCG's TNC architecture and China's TCA architecture are both oriented to a strong-identity network with central access. In actual deployment, the access control and policy decision center is a single point. In addition, trust extension uses the binary trust chain transfer model, which is not consistent with the security model of a complex network environment, and its portrayal of the trusted state of the network is not accurate enough. In response to these issues, this study fully analyzes the trust relationship in the security world and then proposes a distributed trusted network connection architecture based on blockchain, called B-TNC, which is essentially a transformation of TNC with blockchain. B-TNC fully integrates the decentralized, tamper-proof, and traceable security features of blockchain, and realizes a stronger network trust model. This paper first describes the overall architecture design of B-TNC and summarizes its trust relationship. Then, the core problems are described: (1) proposing three blockchain systems for access control, data protection, and identity authentication; (2) proposing to build distributed trusted verifiers based on blockchain; and (3) proposing a remote attestation protocol based on DPoS consensus. Finally, this paper analyzes the correctness, security, and efficiency of B-TNC. The analysis shows that B-TNC can realize trusted network connection oriented to distributed networks, with the security features of decentralization, traceability, anonymity, and tamper resistance, that it is resistant to common attacks, and that its efficiency is sound.

Citation:

Liu Mingda, Shi Yijuan, Chen Zuoning. Distributed Trusted Network Connection Architecture Based on Blockchain. Journal of Software, 2019, 30(8): 2314-2336

History
  • Received: May 29, 2018
  • Revised: September 21, 2018
  • Online: April 03, 2019