(山東大學 計算機科學與技術學院,山東省 濟南市 250101)
摘要: 以三元對等鑒別架構TePA和基于PKI體系的信任機制為基礎,研究了PKI體系中的跨域信任問題,在分析現有信任機制存在的問題的前提下提出了一種采用TePA技術適用于大型多域環境下的信任機制。該信任機制可以實現多域環境下的跨域信任,通過對其性能和安全性的分析說明了該機制的可行性。
關鍵詞:跨域信任;三元對等;PKI體系;身份認證
The Trust Mechanism In the Large Multi-domain Environment With the TePA Technology
BI Chao-jie1,ZHANG Yue-gong2
(School of Computer Science and Technology Shandong University, Jinan 250101, China,)
Abstract:Based on the tri-element peer authentication TePA and the PKI-based trust mechanism, we researched the problems of the cross-domain trust in the PKI system. We proposed a trust mechanism in the large multi-domain environment with the TePA technology under the premise of we analysed the problems of the current trust mechanism. The trust mechanism could implement the cross-domain trust in the large multi-domain environment. We proved the feasibility of the mechanism though analysing its performance and security.
Key words:cross-domain trust;tri-element peer authentication;PKI system;identity authentication
參考文獻 (References)
[1] 胡紅剛. 中國PKI的現狀及面臨的問題. 信息網絡安全. 2002, 03
Hu Hong-gang. The Current Situation And Problems Of PKI System In China. Information Network Security. 2002,03
[2] Neuman B.C,Ts'o T. Kerberos: an authentication service for computer networks. IEEE Communications.1994,32(9).33-38
[3] 李正豪 WAPI標準國際化完成重要一步:TePA成國際標準. 通信世界周刊. 2010年8月
Li Zheng-hao.. An Important Step Of WAPI Standard Internationalization: TePA Become The International
Standard. Communications World Weekly. 2010, 08
[4] HUANG Zhenhai, LAI Xiaolong, TIE Manxia, et al. The Progress Of Tri-element Peer Authentication (TePA)
And Access Control Method [J]. Information Technology & Standardization, 2009, 50(6): 21-23
[5] Cohen H, Miyaji A. Efficient Elliptic Curve Exponentiation Using Mixed Coordinates [J]. Lecture Notes in Computer Science, 1998: 1514,51-65
[6] Miller V. Use Of Elliptic Curves In Cryptography. In: Advances in Cryptology-CRYPTO’85, LNCS 218,
Springer-Verlag, 1986, 417-426
[7] S.Blake-Wilson, N.Bolyard, V.Gupta, C.Hawk, B.Moekker. Ecc Cipher Suites For TLS. Internet draft. October 17, 2005
作者簡介:
畢超杰,男,民族漢,山東大學在讀碩士,研究方向:密碼學與信息安全。
張岳公,男,山東大學碩士生導師,研究方向:密碼學與信息安全。