| 自动信任协商中的攻击与防范 |
| |
| 引用本文: | 李开,卢正鼎,李瑞轩,刘百灵.自动信任协商中的攻击与防范[J].计算机科学,2010,37(8):67-71. |
| |
| 作者姓名: | 李开 卢正鼎 李瑞轩 刘百灵 |
| |
| 作者单位: | 华中科技大学计算机科学与技术学院,武汉,430074 |
| |
| 基金项目: | 国家自然科学基金项目,国家高技术研究发展计划(863计划)项目 |
| |
| 摘 要: | 自动信任协商主要解决跨安全域的信任建立问题,使陌生实体通过反复的、双向的访问控制策略和数字证书的相互披露而逐步建立信任关系.由于信任建立的方式独特和应用环境复杂,自动信任协商面临多方面的安全威胁,针对协商的攻击大多超出常规防范措施所保护的范围,因此有必要对自动信任协商中的攻击手段进行专门分析.按攻击特点对自动信任协商中存在的各种攻击方式进行分类,并介绍了相应的防御措施,总结了当前研究工作的不足,对未来的研究进行了展望.
|
| 关 键 词: | 自动信任协商 攻击 防范措施 敏感信息 |
| 收稿时间: | 2009/9/18 0:00:00 |
| 修稿时间: | 2009/12/11 0:00:00 |
Attacks and Defenses in Automated Trust Negotiation |
| |
| LI Kai,LU Zheng-ding,LI Rui-xuan,LIU Bai-ling.Attacks and Defenses in Automated Trust Negotiation[J].Computer Science,2010,37(8):67-71. |
| |
| Authors: | LI Kai LU Zheng-ding LI Rui-xuan LIU Bai-ling |
| |
| Affiliation: | (College of Computer Science and Technology, Huazhong University of Science and Technology,Wuhan 430074,China) |
| |
| Abstract: | The purpose of Automated Trust Negotiation (ATN) is mainly to establish trust among different security domains. ATN is an approach to establish mutual trust between strangers wishing to share resources or conduct business by gradually requesting and disclosing access control policies and digital credentials. Special attacks can be initiated to ATN according to the characteristics of the way of trust establishment, which cannot be effectively tackled by the measures preventing normal network attacks. Therefore, it is essential to analyze all kinds of attacks existing in ATN. A comprehensive survey of research on attacks in ATN was presented based on the classification and introduction of different attacking manners and corresponding defenses,the shortcomings of the current related research were pointed out and the development trend was also discussed. |
| |
| Keywords: | Automated trust negotiation Attack Defense Sensitive information |
| 本文献已被 万方数据 等数据库收录! |
| 点击此处可从《计算机科学》浏览原始摘要信息 |
|
点击此处可从《计算机科学》下载全文 |
|
