A number of security issues arise when computers or other resources are connected over a network. As networks and networked devices become increasingly popular, the security of such networks and network devices becomes even more important. Network designers and system administrators must establish security policies that balance ease-of-use for users against the need to protect the networks and network devices from undesirable events. Most networks and network devices incorporate computer security techniques, such as access control mechanisms, to prevent unauthorized users from accessing the networks or network devices. User authentication is the process of verifying the identity of a user in a computer system, often as a prerequisite to allowing access to resources in the system.
A number of authentication protocols have been proposed or suggested to prevent unauthorized access to networks and networked devices. For example, in many network environments, a user must provide an appropriate password to prove his or her authority. In addition, one-time, challenge-response passwords have been proposed as a mechanism for further increasing security. Generally, users are assigned a secret key, presumably known only to the user and the authentication host. The secret key may be stored, for example, on a pocket token or a computer-readable card. Upon attempting to access a desired resource, a random value, known as a “challenge,” is issued to the user. The user then generates an appropriate “response” to the challenge by encrypting the received challenge with the user's secret key (read from the pocket token or computer-readable card), using a known encryption algorithm, such as the Data Encryption Standard (DES). The user transmits the calculated response to the desired remote resource, and obtains access to the requested resource if the response is correct. In order to ensure that the pocket token or computer-readable card is being utilized by the associated authorized user, the security may be supplemented by requiring the user to enter a memorized PIN (personal identification number) or password.
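The challenge-response exchange described above, as an added example that is not part of the patent text: the authentication host issues a random, single-use challenge, the user's token computes a keyed response, and the host accepts the response only once and only within a time limit. HMAC-SHA256 stands in for the DES encryption step named in the text; the user names, key bytes, and the `AuthHost`, `compute_response` and `demo_exchange` names are constructed for this example.

```python
import hmac
import hashlib
import secrets
import time

# Constructed sample registry: secret keys the host shares with each user's token.
# Fixed values are used only so the example is reproducible.
USER_KEYS = {
    "alice": bytes.fromhex("000102030405060708090a0b0c0d0e0f"),
    "bob": bytes.fromhex("101112131415161718191a1b1c1d1e1f"),
}
CHALLENGE_TTL = 30.0  # seconds a challenge stays valid

def compute_response(secret_key: bytes, challenge: bytes) -> bytes:
    """Token/client side: keyed function of the challenge (HMAC-SHA256 here,
    standing in for the block-cipher encryption step in the text)."""
    return hmac.new(secret_key, challenge, hashlib.sha256).digest()

class AuthHost:
    """Authentication host: issues challenges and checks responses."""
    def __init__(self, keys: dict, now=time.monotonic):
        self._keys = keys
        self._now = now            # injectable clock, so expiry can be tested
        self._pending = {}         # user -> (challenge, issued_at)

    def issue_challenge(self, user: str) -> bytes:
        """Fresh random challenge; any earlier one for this user is discarded."""
        challenge = secrets.token_bytes(16)
        self._pending[user] = (challenge, self._now())
        return challenge

    def verify(self, user: str, response: bytes) -> bool:
        """Accept a response at most once, only within the TTL, compared in constant time."""
        entry = self._pending.pop(user, None)   # single use: a replayed response fails
        if entry is None or user not in self._keys:
            return False
        challenge, issued_at = entry
        if self._now() - issued_at > CHALLENGE_TTL:
            return False
        expected = compute_response(self._keys[user], challenge)
        return hmac.compare_digest(expected, response)

def demo_exchange() -> tuple:
    """One legitimate exchange followed by a replay of the same response."""
    host = AuthHost(USER_KEYS)
    challenge = host.issue_challenge("alice")
    response = compute_response(USER_KEYS["alice"], challenge)
    return host.verify("alice", response), host.verify("alice", response)
```

The PIN check mentioned in the text would sit on the token side, gating the release of the secret key before `compute_response` is called.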
Typically, an enterprise network is considered to be the portion of the network that is “inside” the enterprise, i.e., the portion of the network that is protected from the “outside” of the enterprise by firewalls and similar security applications. Mobile users (including users connecting through Virtual Private Network (VPN) connections into the enterprise) are fundamentally changing this paradigm. Future threats to an enterprise network will likely come from inside the network, and specifically from the mobile devices and users that roam outside the enterprise network. Any network that a mobile device connects to has the potential to become the weak link in the enterprise security chain. An enterprise network manager must therefore be concerned with a security lapse resulting in a few compromised devices that provide a hole or conduit for continued unauthorized access from outside of the enterprise network. Such compromised devices could, for example, deliberately open a connection to the outside world and allow the connection to be hijacked. It is not practical to check every connection originating from inside the enterprise, and restricting such connections excessively would impair ease-of-use principles. Further, strong security techniques that prevent man-in-the-middle attacks have the side effect of making it difficult to monitor the content of communication.
A need therefore exists for a method and apparatus for authenticating the contents of a device requesting access to a network, optionally in addition to traditional authentication of the user or device.