(山东大学 计算机科学与技术学院,山东省 济南市 250101)
摘要: 以三元对等鉴别架构TePA和基于PKI体系的信任机制为基础,研究了PKI体系中的跨域信任问题,在分析现有信任机制存在的问题的前提下提出了一种采用TePA技术适用于大型多域环境下的信任机制。该信任机制可以实现多域环境下的跨域信任,通过对其性能和安全性的分析说明了该机制的可行性。
关键词:跨域信任;三元对等;PKI体系;身份认证
The Trust Mechanism In the Large Multi-domain Environment With the TePA Technology
BI Chao-jie1,ZHANG Yue-gong2
(School of Computer Science and Technology Shandong University, Jinan 250101, China,)
Abstract:Based on the tri-element peer authentication TePA and the PKI-based trust mechanism, we researched the problems of the cross-domain trust in the PKI system. We proposed a trust mechanism in the large multi-domain environment with the TePA technology under the premise of we analysed the problems of the current trust mechanism. The trust mechanism could implement the cross-domain trust in the large multi-domain environment. We proved the feasibility of the mechanism though analysing its performance and security.
Key words:cross-domain trust;tri-element peer authentication;PKI system;identity authentication
参考文献 (References)
[1] 胡红刚. 中国PKI的现状及面临的问题. 信息网络安全. 2002, 03
Hu Hong-gang. The Current Situation And Problems Of PKI System In China. Information Network Security. 2002,03
[2] Neuman B.C,Ts'o T. Kerberos: an authentication service for computer networks. IEEE Communications.1994,32(9).33-38
[3] 李正豪 WAPI标准国际化完成重要一步:TePA成国际标准. 通信世界周刊. 2010年8月
Li Zheng-hao.. An Important Step Of WAPI Standard Internationalization: TePA Become The International
Standard. Communications World Weekly. 2010, 08
[4] HUANG Zhenhai, LAI Xiaolong, TIE Manxia, et al. The Progress Of Tri-element Peer Authentication (TePA)
And Access Control Method [J]. Information Technology & Standardization, 2009, 50(6): 21-23
[5] Cohen H, Miyaji A. Efficient Elliptic Curve Exponentiation Using Mixed Coordinates [J]. Lecture Notes in Computer Science, 1998: 1514,51-65
[6] Miller V. Use Of Elliptic Curves In Cryptography. In: Advances in Cryptology-CRYPTO’85, LNCS 218,
Springer-Verlag, 1986, 417-426
[7] S.Blake-Wilson, N.Bolyard, V.Gupta, C.Hawk, B.Moekker. Ecc Cipher Suites For TLS. Internet draft. October 17, 2005
作者简介:
毕超杰,男,民族汉,山东大学在读硕士,研究方向:密码学与信息安全。
张岳公,男,山东大学硕士生导师,研究方向:密码学与信息安全。