18 similar documents found; search took 265 ms.
2. A Policy-Based Signature Scheme Protecting the Privacy of Negotiation Credentials (total citations: 1; self-citations: 1; citations by others: 0)
In trust negotiation, parties gradually establish a trust relationship by exchanging credentials and access control policies. Both policies and credentials can be private information, and they need to be protected during the negotiation that establishes trust. This paper proposes a policy-based signature scheme (PBSS). It uses identity-based ring signatures to give anonymity to the set of credentials that satisfies the negotiation policy, and uses trust delegation assertions as the identity information for policy authentication. Among the several credential subsets that satisfy the negotiation policy, one satisfying set is used to sign the message; the verifier can confirm that the signer holds a credential set satisfying the policy, but cannot learn the actual credentials the signer provides. The paper gives a security proof for PBSS in the random oracle model: under the assumption that the BDH problem is hard, the scheme is proved secure. The scheme requires only 2 pairing operations, and the number of pairings is independent of the policy expression and of the size of the credential set, so its computational cost is lower than that of the PCPC scheme proposed by Bagga (2006).
4. In 2002, Boneh and Silverberg proposed multilinear maps and a multi-party Diffie-Hellman key exchange protocol based on them. H.K. Lee et al. extended this protocol by using certificates to authenticate participants, solving its vulnerability to man-in-the-middle attacks; H.M. Lee et al. further replaced digital certificates with identity-based public-key cryptography to improve the efficiency of key agreement, forming the ID-MAK protocol. In this paper we analyze the security of ID-MAK and find that it does not actually achieve the identity authentication it claims and cannot resist active attacks: an adversary can impersonate any legitimate member, take part in the key agreement and obtain the group key. Under the computational multilinear D-H assumption we propose two improved ID-MAK schemes, both of which agree on a group key in a single round, and we give the corresponding protocols for dynamic membership changes and group key renewal. Finally, we analyze the security of the improved protocols.
8. Automated trust negotiation (ATN) is a method for establishing a trust relationship between two negotiating parties by gradually disclosing credentials and access control policies. How to make negotiation both efficient and secure has long been a research focus. This paper therefore proposes an efficient and secure ATN framework that introduces a trusted computing platform and uses overlapping virtual organizations to evaluate trustworthiness, adapting the negotiation strategy according to that trustworthiness. The framework not only guarantees the security of the whole negotiation process, but also simplifies negotiation by reducing the number of credential exchanges, preventing unnecessary information disclosure during negotiation.
12. XeNA is a new model for the negotiation of access within an extended eXtensible Access Control Markup Language (XACML) architecture. We bring together trust management through a negotiation process and access control management within the same architecture. The negotiation process, based on a resource classification methodology, occurs before the access control management. A negotiation module at the core of this negotiation process is in charge of collecting the resources required to establish a level of trust and to ensure a successful evaluation of access. The access control management is based on an extended Role-Based Access Control (RBAC) profile of XACML. This extended profile responds to advanced access control requirements and allows the expression of several access control models within XACML.
13. Vehicular ad hoc networks (VANETs) are usually operated among vehicles moving at high speeds, so their communication relations can change frequently. In such a highly dynamic environment, establishing trust among vehicles is difficult. To solve this problem, we propose a flexible, secure and decentralized attribute-based secure key management framework for VANETs. Our solution uses attribute-based encryption (ABE) to construct an attribute-based security policy enforcement (ASPE) framework. ASPE treats various road situations as attributes, and these attributes are used as encryption keys to secure the transmitted data. ASPE is flexible in that it can dynamically change encryption keys depending on the VANET situation. At the same time, ASPE naturally incorporates data access control policies on the transmitted data. ASPE provides an integrated solution covering data access control, key management, security policy enforcement, and secure group formation in highly dynamic vehicular communication environments. Our performance evaluations show that ASPE is efficient and can handle large amounts of data encryption/decryption flows in VANETs.
14. Deduplication is widely used in cloud storage services to save bandwidth and storage resources; however, client-side deduplication remains vulnerable to an external attacker gaining access to a user's private data. Xu-CDE, the first proposed multi-client deduplication solution for encrypted data, protects data privacy against external attackers and an honest-but-curious server, and has favorable theoretical significance and representativeness. However, in Xu-CDE the user's ownership authentication credentials lack freshness protection and therefore cannot resist replay attacks. As an improvement to this flaw, the protocol MRN-CDE (MLE-based and random-number-modified client-side deduplication of encrypted data in cloud storage) is proposed: it adds a random number to ensure the freshness of the authentication credentials, and uses the MLE-KP algorithm to extract a key from the original file, replacing the file itself as the encryption key. As a consequence, the new protocol improves security while significantly reducing the amount of computation. Security analysis and practical tests show that, compared with Xu-CDE, the proposed MRN-CDE protocol has stronger ownership security and better time efficiency. In particular, the new protocol performs better on large files in the cloud above a certain size.
16. As a new computing mode, cloud computing can provide users with virtualized and scalable web services, but it faces serious security challenges. Access control is one of the most important measures for ensuring the security of cloud computing, but applying a traditional access control model directly to the cloud cannot resolve the uncertainty and vulnerability caused by the open conditions of cloud computing. In a cloud computing environment, data security during interactions between users and the cloud can be effectively guaranteed only when the security and reliability of both interacting parties are ensured. Therefore, building a mutual trust relationship between users and the cloud platform is the key to implementing new kinds of access control in cloud computing environments. Combining this with trust management (TM), a mutual-trust-based access control (MTBAC) model is proposed in this paper. The MTBAC model takes both the user's behavioral trust and the cloud service node's credibility into consideration. Trust relationships between users and cloud service nodes are established by a mutual trust mechanism, and the security problems of access control are addressed by implementing the MTBAC model in the cloud computing environment. Simulation experiments show that the MTBAC model can safeguard interactions between users and cloud service nodes.
17. Research on an Application Model of File Filter Drivers in Intranet Security (total citations: 1; self-citations: 0; citations by others: 1)
Addressing the widespread situation in current enterprise intranets, which are hard to control and prone to leaks, this paper proposes an intranet security application model based on Windows file system filter driver technology. The model centers on three functions: user access control, transparent data encryption and file operation auditing, and it turns the intranet terminal from an untrusted entity into a trusted one. At the same time, it effectively reconciles the conflict between user convenience and data security, and so has practical value for intranet security.
18. Neeli R. Prasad, Mahbubul Alam, Marina Ruggieri. Wireless Personal Communications, 2004, 29(3-4): 205-219
Security and privacy architectures for various access networks have often been considered on the upper service layers, in the form of application and transport security, and from the lower layers, in the form of security over wireless networks. Today there is no trust relationship between the stakeholders of different access network types (e.g. wireless mesh networks, wireless PANs, wireless LANs, cellular networks, satellite networks), and each has its own security mechanism. What these access networks have in common is the networking layer, which is IP based. In order to provide seamless service across these heterogeneous access networks there must be a trust relationship among the stakeholders for authentication, authorization, accounting and billing of end users. However, what is still missing is a general solution that is adaptable to the network types and conditions, takes end-system capabilities into account, and enables inter-domain AAA negotiation. This paper proposes a light-weight AAA infrastructure providing continuous, on-demand, end-to-end security in heterogeneous networks.