The concept of network management has become increasingly familiar as the Internet has developed. In its early days, the Internet involved only a small number of nodes and was simply deployed, typically in a flat structure, so management tasks such as failure detection and performance supervision were comparatively simple and easy to perform. However, with the constant development of the network, the constant emergence of new network technologies and the constant retrofitting of network products, it has become increasingly difficult to plan and expand the network, and practical problems such as how to make the best use of the respective components of the network and how to maintain good reliability and superior efficiency of the network have hastened the emergence of network management. The development of today's communication networks features an increasing scale, increasing functional complexity and a gradual integration of heterogeneous networks, and this trend poses an unprecedented challenge to network management. Network management involves the planning, design and control of the resources and devices constituting a network so as to operate the network with the highest efficiency and productivity, thereby serving users efficiently.
A centralized management model is commonly adopted in traditional network management systems, e.g., the administrator/agent model of the Simple Network Management Protocol (SNMP) proposed by the Internet Engineering Task Force (IETF) in 1988. As networks have grown in scale, the drawbacks of the SNMP-based network management model have gradually been revealed: management nodes have increasingly become a bottleneck of network management as the number of users grows; an excessive number of polls and widely distributed agents impose an excessive bandwidth overhead and degrade efficiency; and bandwidth and a large amount of the administrator's CPU resources are consumed in transmitting the raw data retrieved from the respective agents as management information, thus decreasing the efficiency of network management. Furthermore, the same centralized management mode is adopted in network management systems based on the Common Management Information Protocol (CMIP), which is somewhat more complex than SNMP. Generally, SNMP is mainly applicable to the management of data networks, and CMIP is mainly applicable to the management of telecommunication networks.
In view of the foregoing problems, network management systems are developing rapidly towards distribution and intelligence. There are two trends in distributed network management. In the first, a large distributed network management system, which is open, standardized and extensible, can be readily designed with a distributed computing facility on top of the existing network management framework; such systems primarily include Common Object Request Broker Architecture (CORBA)-based distributed network management systems and Web-based distributed network management systems. In the second, a new form of distributed network management is involved, e.g., a network management system based on mobile agents. In distributed network management, management and supervision are distributed throughout the whole network instead of relying on a single control center, thus offering the advantages of reduced network management traffic, a more powerful management capability, greater extensibility, etc. However, both centralized and distributed network management systems suffer from the following security problems:
A host where an agent resides may attack the agent, and the security of the agent cannot be ensured by existing detection-based methods;
Also, an agent may attack the host where it resides, for example by attempting illegal access to private information of that host, and at present such an attack can only be prevented passively through intrusion detection;
An administrator system is totally trusted by a network management user, which may be insecure because the administrator system may be controlled by a virus, a Trojan horse, etc., and will then not work as intended for the network management user, resulting in a loss of management and control over the network; and
An administrator system is totally trusted by a managed host, which may also be insecure. The managed host has to detect whether the administrator system has been invaded by a virus, a Trojan horse, etc.; otherwise the managed host may be subject to hostile behavior from an agent residing on it, because that agent has received a hostile management command.
In order to ensure the trustworthiness of various terminals (including PCs, mobile phones and other intelligent mobile terminals) and the trustworthiness between terminals in a network environment, the international Trusted Computing Group (TCG) has defined a trusted computing framework and established a series of trusted computing specifications. The trusted computing framework generally ensures security throughout a whole system by enhancing the security of the existing terminal architecture. The general idea is that a trusted architecture is introduced into the various terminal hardware platforms, and the security of the terminal systems is improved by relying on the security features provided by that trusted architecture. The core of a terminal's trustworthiness is a trusted chip referred to as a Trusted Platform Module (TPM). The trustworthiness of a terminal can be established with the TPM, and trustworthiness between terminals in a network environment can be established over a trusted network connection based on the TPM. FIG. 1 illustrates a trusted network connection architecture based on tri-element peer authentication.
In this trusted network connection architecture, a Policy Manager (PM) acts as a third party to an Access Requestor (AR) and an Access Controller (AC), and the AR and the AC perform mutual user authentication and mutual platform integrity evaluation through the PM to implement a trusted network connection. After the AR in FIG. 1 is connected to the trusted network, the AR still has to be managed by a network management system, while avoiding the security drawbacks of the foregoing centralized and distributed network management systems, in order to deploy a truly trusted network.
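The following toy model illustrates the tri-element exchange just described: the AR and the AC each challenge the other with a nonce and report a TPM-style integrity value, and the PM, as the third party holding each platform's identity key and reference integrity value, evaluates both reports, so neither side has to trust the other blindly. This is an added illustration written for this page, not code from the patent, from the TCG specifications or from any product; the identity keys (an HMAC secret standing in for a platform certificate), the measurement strings, the nonces and the PCR-style extension are all constructed assumptions. It also shows the two failure cases the text warns about: a peer whose software stack has been altered (the "administrator system invaded by a Trojan horse" case) and a peer that cannot prove its identity.

```python
"""Toy model of tri-element peer authentication for a trusted network connection.
Constructed illustration: keys, measurements and nonces are made up."""
import hashlib
import hmac
from dataclasses import dataclass


@dataclass
class Platform:
    name: str
    identity_key: bytes   # secret shared with the PM; stands in for a platform certificate
    measurements: list    # ordered boot/software measurements, as a TPM would extend them

    def pcr(self) -> str:
        """Emulate PCR extension: pcr = H(pcr || H(measurement)), starting from all zeros."""
        acc = b"\x00" * 32
        for m in self.measurements:
            acc = hashlib.sha256(acc + hashlib.sha256(m).digest()).digest()
        return acc.hex()

    def quote(self, peer_nonce: bytes) -> dict:
        """Integrity report bound to the peer's nonce and keyed with the identity key."""
        pcr = self.pcr()
        tag = hmac.new(self.identity_key, peer_nonce + pcr.encode(), hashlib.sha256).hexdigest()
        return {"name": self.name, "nonce": peer_nonce, "pcr": pcr, "tag": tag}


class PolicyManager:
    """Trusted third party: knows every platform's identity key and reference PCR value."""

    def __init__(self, identity_keys: dict, reference_pcrs: dict):
        self.identity_keys = identity_keys
        self.reference_pcrs = reference_pcrs

    def evaluate(self, quote: dict) -> dict:
        name, nonce = quote["name"], quote["nonce"]
        key = self.identity_keys.get(name)
        if key is None:  # unknown platform: fails both user authentication and integrity
            return {"name": name, "nonce": nonce, "identity_ok": False, "integrity_ok": False}
        expected = hmac.new(key, nonce + quote["pcr"].encode(), hashlib.sha256).hexdigest()
        identity_ok = hmac.compare_digest(expected, quote["tag"])
        integrity_ok = identity_ok and quote["pcr"] == self.reference_pcrs.get(name)
        return {"name": name, "nonce": nonce, "identity_ok": identity_ok, "integrity_ok": integrity_ok}


def tri_element_connect(ar: Platform, ac: Platform, pm: PolicyManager,
                        nonce_ar: bytes, nonce_ac: bytes) -> dict:
    """Each side answers the other's nonce, both reports go to the PM, and each side
    admits its peer only if the PM vouches for identity and integrity and the evaluated
    report answers the nonce that side issued (freshness)."""
    report_ar = ar.quote(nonce_ac)   # AR answers AC's challenge
    report_ac = ac.quote(nonce_ar)   # AC answers AR's challenge
    verdict_ar = pm.evaluate(report_ar)
    verdict_ac = pm.evaluate(report_ac)
    ar_accepts_ac = (verdict_ac["nonce"] == nonce_ar
                     and verdict_ac["identity_ok"] and verdict_ac["integrity_ok"])
    ac_accepts_ar = (verdict_ar["nonce"] == nonce_ac
                     and verdict_ar["identity_ok"] and verdict_ar["integrity_ok"])
    return {"ar_accepts_ac": ar_accepts_ac, "ac_accepts_ar": ac_accepts_ar,
            "connected": ar_accepts_ac and ac_accepts_ar}


# Constructed sample platforms and PM database (not real keys or measurements).
AR_KEY = b"constructed-ar-identity-key"
AC_KEY = b"constructed-ac-identity-key"
GOOD_AR = Platform("ar", AR_KEY, [b"bios-1.0", b"bootloader-2.1", b"kernel-5.10"])
GOOD_AC = Platform("ac", AC_KEY, [b"bios-1.0", b"bootloader-2.1", b"ac-service-3.0"])
PM = PolicyManager({"ar": AR_KEY, "ac": AC_KEY},
                   {"ar": GOOD_AR.pcr(), "ac": GOOD_AC.pcr()})


def demo_good() -> dict:
    """Both platforms genuine and unmodified: the connection is established."""
    return tri_element_connect(GOOD_AR, GOOD_AC, PM, b"nonce-ar-1", b"nonce-ac-1")


def demo_compromised_ac() -> dict:
    """The AC's software stack contains an unexpected component: its identity still
    verifies, but its PCR no longer matches the reference, so the AR refuses it."""
    bad_ac = Platform("ac", AC_KEY, GOOD_AC.measurements + [b"unexpected-module"])
    return tri_element_connect(GOOD_AR, bad_ac, PM, b"nonce-ar-2", b"nonce-ac-2")


def demo_impostor_ar() -> dict:
    """A platform claiming to be the AR without the AR's identity key: the AC refuses it."""
    fake_ar = Platform("ar", b"wrong-key", GOOD_AR.measurements)
    return tri_element_connect(fake_ar, GOOD_AC, PM, b"nonce-ar-3", b"nonce-ac-3")


if __name__ == "__main__":
    for fn in (demo_good, demo_compromised_ac, demo_impostor_ar):
        print(fn.__name__, fn())
```

The point of the model is the role split: neither the AR nor the AC verifies the other directly; each forwards its peer's report to the PM and acts on the PM's verdict, which is what lets a managed host distrust an administrator system whose integrity no longer matches the reference. A real deployment would replace the shared HMAC secret with TPM-signed quotes and certificate chains, but the decision logic at each side is the same.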