Trustworthy clients: Extending TNC to web-based environments

In Trusted Network Connect (TNC), a network access decision is based on the security state of an access requesting party. This mechanism is limited to closed environments such as LANs and VPNs. In this paper, we propose solutions based on authentication standards for enabling TNC in open, web-based scenarios. In particular, an architectural model for TNC is proposed that takes additional security and privacy requirements into account. Furthermore, a communication scheme is proposed that is based on standardised protocols and message formats. This approach provides assurance as to the security state of clients accessing security sensitive web-based services.