| PKI信任模型的条件谓词逻辑推理 |
| |
| 引用本文: | 刘海龙,张其善,吴今培.PKI信任模型的条件谓词逻辑推理[J].通信学报,2002,23(11):14-20. |
| |
| 作者姓名: | 刘海龙 张其善 吴今培 |
| |
| 作者单位: | 北京航空航天大学,电子工程系,北京,100083 |
| |
| 摘 要: | 本文提出了一种用条件谓词逻辑来表示和推理PKI信任关系的方法。通过区别认证机构(CA)与用户实体的不同,用四个谓词表示不同个体之间的信任关系,并给出关于公钥绑定真实性和CA信任传递的推理规则。认证路径长度和证书策略是对信任关系的限制,将其作为约束条件加到谓词逻辑中更好地反映出现实中的信任。利用条件谓词逻辑,即能够对一个PKI的信任模型进行整体描述,也可从用户的角度对CA的信任度和实体公钥的真实性进行精确推理,弥补了图形法的不足。
|
| 关 键 词: | 公开密钥 基础设施 信任模型 谓词逻辑 密码学 |
| 文章编号: | 1000-436X(2002)11-0014-07 |
| 修稿时间: | 2002年3月28日 |
A conditional predicate calculus logic for PKI trust model analysis |
| |
| LIU Hai-long,ZHANG Qi-shan,WU Jin-pei.A conditional predicate calculus logic for PKI trust model analysis[J].Journal on Communications,2002,23(11):14-20. |
| |
| Authors: | LIU Hai-long ZHANG Qi-shan WU Jin-pei |
| |
| Abstract: | In this paper, a conditional predicate calculus logic was proposed for representing and reasoning about PKI trust model. While distinguishing the difference of entities and CAs, four predicates are defined to represent the trust relationships between them, and reasoning rules about the authenticity of entities' public keys and the trustworthiness of CAs are given. Certification path length and certificate policies are constraints of trust, it is reasonable to add them as conditions to the logic. Using our approach, not only a PKI's trust model can be depicted in a whole manner, but also a relying party can precisely reason about the authenticity of entities' public key and the trustworthiness of CAs from his point of view. It offsets the fault of graphic method. |
| |
| Keywords: | PKI trust trust model predicate logic |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
|
