赵茭茭,马文平,罗维,刘小雪.基于密钥共享的分层混合认证模型[J].计算机科学,2019,46(2):115-119
基于密钥共享的分层混合认证模型
Hierarchical Hybrid Authentication Model Based on Key Sharing
投稿时间:2018-01-04  修订日期:2018-03-15
DOI:
中文关键词:  云安全,PKI,IBE,层次模型,身份认证
英文关键词:Cloud security,PKI,IBE,Hierarchical model,Identity authentication
基金项目:本文受国家自然科学基金(61373171),高等学校创新引智计划项目(B08038),国家重点研发计划重点专项(2017YFB0802400)资助
作者单位E-mail
赵茭茭 西安电子科技大学综合业务网国家重点实验室 西安710071 zjj582984208@163.com 
马文平 西安电子科技大学综合业务网国家重点实验室 西安710071 wp_ma@mail.xidian.edu.cn 
罗维 西安电子科技大学综合业务网国家重点实验室 西安710071  
刘小雪 西安电子科技大学综合业务网国家重点实验室 西安710071  
摘要点击次数: 0
全文下载次数: 0
中文摘要:
      随着信息时代的迅速发展,云计算数据访问安全已经成为了用户最关心的问题。身份认证技术是确保参与者在开放的网络环境中实现安全通信的一种重要手段,如何利用身份认证技术为云环境安全保驾护航,成为学者研究的热点。文中通过公钥基础设施(Public Key Infrastructure,PKI)颁发CA证书以在不同云服务间建立信任,将多个采用身份密码体制(Identity-Based Encryption,IBE)的云联合起来;采用分层身份加密体系,引入共享密钥技术,通过选取成环结构,提出一种PKI-IBE混合认证模型方案,并对方案的安全性进行分析,从理论上证明了云环境下PKI-IBE(Public Key Infrastructure-Identity-Based Encryption)同层成环模型提供服务的可行性。同时文中设计了一种基于该模型的签密技术,通过公私密钥对实现云内认证以及跨云认证。安全性理论证明与性能分析表明,该方案在计算量稍增加的前提下,保证了足够的安全性,更加满足云环境下的用户分属不同云域的认证以及用户安全访问的需求,有效解决了云环境中数据访问的安全问题。
英文摘要:
      With the rapid development of the information age,cloud computing data access security has become the most concerned issue for users.Identity authentication technology is an important means to ensure that participants implement secure communications in an open network environment,and how to use identity authentication technology to escort the cloud environment has become a hot issue for many scholars.This paper proposed a public key infrastructure-identity-based encryption hybrid authentication model scheme by establishing a trust relationship between different cloud services by CA certificate that Public Key Infrastructure (PKI) issued,combining multiple clouds which use Identity Based Encryption (IBE) system,adopting hierarchical identity encryption system,introducing shared key technology,and choosing ring structure.And the security of the scheme was analyzed to prove the feasibility of providing ser-vices based on the identity-based hybrid authentication model in the cloud environment.At the same time,a signcryption technology based on this model was designed to achieve cloud authentication and cross cloud authentication by the public and private key pairs.Performance analysis shows that under the premise of a slight increase in the amount of calculation,the scheme ensures sufficient security,and better satisfies the requirements of users in the cloud environment belonging to different cloud domains and users’ secure access,and solves the problem of data access security in a cloud environment effectively.
查看全文  查看/发表评论  下载PDF阅读器