Implementation Analysis of Trusted Network Connect to Ensure Endpoint Integrity and Security
No Thumbnail Available
URL
Journal Title
Journal ISSN
Volume Title
Helsinki University of Technology |
Diplomityö
Checking the digitized thesis and permission for publishing
Instructions for the author
Instructions for the author
Authors
Date
2008
Major/Subject
Tietokoneverkot
Mcode
T-110
Degree programme
Language
en
Pages
(14) + 123
Series
Abstract
Change in business practices, massive growth of malware treats drives the enterprises to enforce a strong authentication system rather light weight username/password authentication system for network access. The authentication systems based on username/password would safe guard against a malicious user connecting to a corporate network, but fails to prevent an authorized user indulging in malicious activities inside the network. Network Access Control (NAC) is a paradigm that consists of software and hardware components to dynamically control an endpoint's network access based on its compliance level with respect to an enterprise's policy. Many of the available Network Access Control (NAC) solutions are proprietary and closed. Trusted Network Connect specifications from Trusted Computing Group is a standard specification describing protocols, interfaces and API(s) for a potential NAC system to ensure integrity of an endpoint during network connection. Similar with other proprietary NAC solutions, products that support TNC specifications are proprietary and closed. This work investigates the possibility of implementing a TNC NAC system with the aid of available open source components. The principal design aspect of TNC specification is it leverages existing infrastructures, this work focuses on adapting TNC specifications over 802.1X networks. To emphasis this, an abstract system design was developed to analysis the challenges and possibilities in implementing a TNC NAC. Then the study continues with analyzing the modifications and changes that should be carried out on the reference architecture to support TNC. This work serves as a base for developing a TNC based NAC over 802.1X environment.Description
Supervisor
Tarkoma, Sasu|Sjödin, PeterThesis advisor
Tarkoma, SasuKeywords
Network Access Control, Trusted Network Connect, integrity, security