Trust@FHH at Intrust 2009

The Trust@FHH Team will be at the International Conference on Trusted Computing (Intrust 2009), taking place from 17th to 19th December 2009 in Beijing, P.R. China. We will present our paper “Privacy enhanced Trusted Network Connect”, which deals about the users privacy when connecting to a TNC-protected environment.

21 Oct 2009

Roadmap for tnc@fhh 0.7.0

The next major release of tnc@fhh will be version 0.7.0.

It is currently scheduled for December, 2009. Beside others, we expect the following new features for the 0.7.0 release:

  • A new EAP-TTLS patch for FreeRADIUS. This will allow you to run two EAP-methods sequentially inside a secure EAP-TTLS tunnel. This way, you can do user authentication (with any EAP method supported by FreeRADIUS) plus an assessment of your endpoint with EAP-TNC.
  • A TPM-IMC/V pair. This IMC/V pair enables platform authentication based upon non-migratable TPM keys.
  • VPN support. Probably the most exciting new feature will be the support of VPNs. This will be achived by implementing the new IF-T binding to TLS protocol.

Of course, this list might change in the future …

18 Sep 2009

tnc@fhh 0.6.0 released

The final version 0.6.0 of tnc@fhh is now available for download.

Some changes were made to this release compared to the RC1 version:

  • Fixed some bugs (00000019, 00000023, 00000024) discovered in 0.6.0 RC1 (see Mantis Bugtracking for more details)
  • Added imunit-dev. This is a new project targeted for IMC/V pair developers. It contains the imunit framework plus additional documentation that describes the development of IMC/V pairs based upon imunit. An new example IMC/V pair is also included.

Note: We decided to change the naming of TNC@FHH to tnc@fhh. Currently, the two names can be used interchangeably.

The package structure of this release is as follows:

alternate text

You can find the tarballs in the download section. The 0.6.0 RC1 has been moved to the archive.

17 Sep 2009

ETISS 2009 in Graz

The Trust@FHH team participated in the ETISS 2009.

The European Trusted Infrastructure Summer School 2009 was held in Graz, Austria. The Trust@FHH team participated in this year’s summer school. We were asked to give a lecture and to run a lab about Trusted Network Connect.

Thanks to IAIK for hosting such a great event.

alternate text

09 Sep 2009

tnc@fhh 0.6.0 RC 1 released

Release Candidate 1 of tnc@fhh 0.6.0 is available for download.

This new release introduces a set of new features:

  • improved framework for developing IMC/IMV pairs
  • cmake based build process
  • new package structure (see below)
  • first steps to support IF-TNCCS SoH and IF-TNCCS 2.0
  • decoupling of TNCS and NAA logic (now provided as two separate shared objects)
  • using log4cxx as logging framework

From now on, tnc@fhh software will be provided in a more convenient package structure.

alternate text

The 0.6.0 RC 1 release consists of three packages (the green boxes)

  • imcs: contains all tnc@fhh IMCs and the necessary library imunit
  • imvs: contains all tnc@fhh IMVs and the necessary library imunit
  • server-freeradius: contains all tnc@fhh components necessary for setting up a PDP based upon FreeRADIUS

The tarballs are available in the download section.

21 Aug 2009

Trust@FHH at LinuxTag 2009

The Trust@FHH Team Member Joerg Vieweg gave a talk about Trusted Network Access Control based on Open Source Software - Experiences from Adoption at the LinuxTag 2009 in Berlin. The talk was aimed to explain how open source software based upon Trusted Computings Trusted Network Connect can help to increase the security of today’s IT systems, especially in the area of modern networks.

In the first part, we gave a general introduction into the concepts of Trusted Network Connect as proposed by the Trusted Computing Group.

The second part presented projects of the Trust@FHH research group that deal with open source software and Trusted Computing as proposed by the TCG, especially the Trusted Network Connect approach.

Three active projects that were presented in the talk:

  1. IF-MAP@FHH, an implementation of the IF-MAP specification
  2. TNC@FHH, an implementation of the TNC architecture
  3. tNAC, a project that aims to develop a TNC compatible NAC solution that uses the capabilities of Trusted Computing platforms.

All software that is developed within these projects is completely open source.

The talk finished with an outlook of current challenges and unsolved problems in the area of Trusted Computing and Trusted Network Connect.

27 Jul 2009

Redesigning the Redesign - TNC@FHH IML Components Version 0.6.0 Alpha released

TNC@FHH’s components of the Integrity Measurement Layer (IML) are now available for download in an updated version.

We have redesigned all TNC@FHH components that are located in the Integrity Measurement Layer (IML). The downloadable package includes:

  • IMUnit: a framework for developing IMC/IMV pairs
  • DummyIMC/IMV: a simple IMC/IMV pair that just sends some messages around before a recommendation is provided
  • HostScannerIMC/IMV: an IMC/IMV pair that scans and evaluates the port status of an endpoint

Major changes to version 0.5.0 are:

  • TNCUtil was removed
  • Log4cxx is now used for logging purposes
  • IMUnit has now a more object oriented approach
  • Bug 0000015 was fixed

These IML components are fully compatible with NAA-TNCS version 0.5.0.

22 Jun 2009

tnc@fhh 0.5.0 released

The new version 0.5.0 of tnc@fhh is available for download.

This version includes major changes regarding the build process. We switched to cmake as our new build environment. The HowTos in the Wiki will be updated shortly. Furthermore, we are now providing all tnc@fhh components in one tarball.

The build process now looks basically as follows:

extract tarball

switch to <new directory>/build

cmake ../


make install

The FreeRADIUS EAP-TNC patch is not affected by the cmake-switch and therefore not included in this tarball.

25 May 2009
Hochschule Hannover
University of Applied Sciences and Arts
Faculty IV, Dept. of Computer Science
Ricklinger Stadtweg 120
30459 Hannover, Germany
Youtube Atom-Feed