Computer Engineering and Applications, 2019, Vol. 55, Issue (9): 79-86. DOI: 10.3778/j.issn.1002-8331.1802-0024


Research on Trusted Authentication Method of Network Device Based on IMC/IMV

LIU Liwei¹, SUN Jianzhi¹, TAN Li¹, YANG Bin²

  1. School of Computer and Information Engineering, Beijing Key Laboratory of Big Data Technology for Food Safety, Beijing Technology and Business University, Beijing 100048, China
  2. Unit 96901 Force 25 of PLA, China
  • Online: 2019-05-01 Published: 2019-04-28

Abstract: In recent years, security issues in network devices have become increasingly prominent. If network devices are not trusted, every computer on the network is at risk of being attacked and all data is at risk of being stolen. Whether network devices access the network securely therefore directly affects the security of the whole network. This paper presents a trusted authentication method for network devices based on IMC/IMV. In addition to traditional platform identity authentication, the method verifies the trusted status of the platform. The network device's trusted status information is collected by an Integrity Measurement Collector (IMC) and submitted, through multiple rounds of protocol interaction, to an Integrity Measurement Verifier (IMV) for verification, which completes the platform integrity authentication. Experiments show that this authentication method has little effect on system performance while providing trusted authentication of network devices.

Key words: trusted network, device authentication, Integrity Measurement Collector (IMC), Integrity Measurement Verifier (IMV)
