| 基于TCM的SSLVPN防中间人攻击的改进协议 |
| |
| 引用本文: | 吴志刚,李世岗,颜晗,池亚平.基于TCM的SSLVPN防中间人攻击的改进协议[J].北京电子科技学院学报,2012,20(4):64-70. |
| |
| 作者姓名: | 吴志刚 李世岗 颜晗 池亚平 |
| |
| 作者单位: | 北京电子科技学院通信工程系,北京100070 西安电子科技大学通信工程学院,西安710071;北京电子科技学院通信工程系,北京,100070 |
| |
| 基金项目: | 北京市自然科学基金资助项目,国家科技支撑计划资助项目,发改委信息安全产品产业化专项,中央高校基本科研业务费专项资金资助 |
| |
| 摘 要: | 在分析SSLVPN协议的中间人攻击原理和已有解决方案的基础上,针对目前解决方案中未考虑平台环境因素的问题,本文提出了一种基于TCM的SSI。VPN改进协议。通过改进协议数据结构,定义新的消息类型,在SSL握手协议流程中加入可信平台完整性信息和可信证书,实现了基于底层可信防止中间人攻击。
|
| 关 键 词: | 中间人攻击 可信密码模块 安全套接层协议 虚拟专用网 |
An Improved SSL VPN Protocol for Anti Man-in-the-Middle Attack Based on the TCM |
| |
| WU Zhi-gang,LI Shi-gang,YAN Han,CHI Ya-ping.An Improved SSL VPN Protocol for Anti Man-in-the-Middle Attack Based on the TCM[J].Journal of Beijing Electronic Science & Technology Institute,2012,20(4):64-70. |
| |
| Authors: | WU Zhi-gang LI Shi-gang YAN Han CHI Ya-ping |
| |
| Affiliation: | 1. Department of Communication, Beijing Electronic and Science Technology Institute, Beijing 100070, China; 2. School of Communication, Xidian University, Xi'an Shanxi 710071, China) |
| |
| Abstract: | By analyzing the principles of man-in-the-middle attack for the SSL VPN protocol and its solutions, and aiming at the problem that the existing solutions have not considered the factor of platform environment, a SSL VPN improvement protocol based on TCM is proposed in the paper. By improving the data structure of the protocol data unit, defining new message types, and adding the trusted platform integrity information and trusted certificate in the handshake protocol, it can prevent the man-in-the-middle attacks based on the underlying credibility. |
| |
| Keywords: | Man-in-the-middle Attacks Trusted Cryptography Module Secure Sockets Layer Protocol Virtual Private Network |
| 本文献已被 维普 万方数据 等数据库收录! |
|
