| 基于ECC的iSCSI-SAN安全模型设计 |
| |
| 引用本文: | 刘明,苏锦海.基于ECC的iSCSI-SAN安全模型设计[J].计算机工程,2007,33(18):170-171. |
| |
| 作者姓名: | 刘明 苏锦海 |
| |
| 作者单位: | 解放军信息工程大学电子技术学院,郑州,450004 |
| |
| 摘 要: | 具有带外存储虚拟化结构的iSCSI-SAN存在安全隐患:一方面,暴露在IP网络上的存储资源容易遭到假冒身份者的非法访问;另一方面,在网络上直接传输的明文存储数据面临着被网络攻击者监听的安全威胁。该文基于椭圆曲线密码体制ECC设计了适合该网络存储结构的安全模型,该模型通过提供双向认证机制防止假冒身份攻击,通过在认证过程中协商一次性会话密钥并对存储数据进行加密保证存储数据的传输安全,从而提高了存储系统的安全性。
|
| 关 键 词: | iSCSI ECC SAN 网络存储 存储虚拟化 |
| 文章编号: | 1000-3428(2007)18-0170-02 |
| 修稿时间: | 2006-10-08 |
Design of Security Model of iSCSI-SAN Based on ECC |
| |
| LIU Ming,SU Jin-hai.Design of Security Model of iSCSI-SAN Based on ECC[J].Computer Engineering,2007,33(18):170-171. |
| |
| Authors: | LIU Ming SU Jin-hai |
| |
| Affiliation: | Institute of Electronic Technology, PLA Information Engineering University, Zhengzhou 450004 |
| |
| Abstract: | iSCSI-SAN with out-band storage virtualization has some security hidden dangers: one is the storage resource exposed at IP network, which is vulnerable to forgery attack. The other one is the storage data transmitted on IP network, which faces the security threat of network sniffer. Based on ECC, a security model suited to above-mentioned network storage structure is designed, which provides two-side authentication to prevent forgery attack and encryption mechanism to ensure the security of storage data transmission. Consequently, the security of storage system is enhanced. |
| |
| Keywords: | iSCSI ECC SAN network storage storage virtualization |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
| 点击此处可从《计算机工程》浏览原始摘要信息 |
|
点击此处可从《计算机工程》下载全文 |
