A New Information Measurement Scheme Based on TPM for Trusted Network Access

Abstract

The information measurement of the NAR (network access requester) is the key element for trusted network access. The only issues TNC (trusted network connection) proposed the conception of integrity measurement and pointed out that only if the measurements passed can the NAS ((network access server) let the endpoint enter. But no concrete techniques are expatiated in TNC, and the related specification IMM (integrity measurement model) is too complex to implement. Virtually, the measurement cannot be localized to the integrity. In this paper, a new information measurement architecture is proposed, in which not only the integrity information of the platform, but also the identity of user and platform, and the information of system availability are considered. The related techniques (information collection and verification etc.) are illustrated, and the trust chain transfer is analyzed at the end.