共查询到19条相似文献,搜索用时 46 毫秒
1.
2.
3.
一种基于身份的多信任域网格认证模型 总被引:16,自引:0,他引:16
分析了现有的网格认证框架中存在的问题,提出了一种基于身份的多信任域网格认证模型.该模型以基于身份的PKI为基础,避免了基于传统PKI的认证框架的诸多缺点.同时,该模型提供了跨信任域的双向实体认证功能.模拟试验表明,该认证模型比基于传统PKI的认证框架更轻量、更高效.而且由于该模型可以在多信任域的环境下工作,故而比W Mao提出的只能在单一信任域中工作的认证框架更符合网格认证的实际需要. 相似文献
4.
5.
基于虹膜信息的身份签名方案 总被引:3,自引:0,他引:3
生物特征的应用集中在两个方面,一是传统的身份认证和识别技术,二是密钥的产生技术。该文研究了从虹膜信息中提取特征码,采用模糊方法从虹膜特征码中提取随机串并将其嵌入到椭圆曲线中等问题。以虹膜信息为基础产生公钥,提出了一种基于虹膜信息的身份签名方案。该方案引进两个密钥生成系统,可有效防止单个密钥生成系统随意伪造签名的缺陷,进一步提高系统的安全性和可靠性。在随机预言机模型下,该方案被证明在适应性选择消息和身份攻击下具有不可伪造安全,并能有效抵抗生日攻击。 相似文献
6.
基于数字签名的交互式用户身份鉴别方案 总被引:2,自引:0,他引:2
该文首先利用Harn数字签名方案建立了基于身份的交互式用户认证与双向认证方案,并首次将这种基于身份的交互式用户认证方案推广为基于身份的交互式共享认证方案,使得认证系统的n名验证者中t名以上验证者才能验证用户身份的有效性,从而可以有效地防止认证系统个别管理人员的作弊行为,提高了认证系统的安全级别与可用性。 相似文献
7.
8.
孙黎博 《电子技术与软件工程》2022,(21):247-250
本文简要陈述多层区块链跨域认证的关键技术,重点分析多层区块链下跨域认证,基于认证模型的构建,依次讨论节点注册、认证身份与事务共识。并结合实际应用场景,对该种跨域认证的运用效果进行评价。 相似文献
9.
基于层级化身份的可证明安全的认证密钥协商协议 总被引:1,自引:0,他引:1
目前基于身份的认证密钥协商协议均以单个私钥生成器(PKG)为可信第三方,但这种系统结构难以满足身份分层注册与认证需求。该文以基于层级化身份的加密(HIBE)系统为基础重构了私钥的组成元素,并利用椭圆曲线乘法循环群上的双线性映射提出一个基于层级化身份的认证密钥协商协议,为隶属于不同层级的云实体提供了安全的会话密钥协商机制。基于CDH(Computational Diffie-Hellman)与GDH(Gap Diffie-Hellman)假设,该文证明了新协议在eCK模型下具有已知密钥安全性、前向安全性和PKG前向安全性,并且能够抵抗基于密钥泄露的伪装攻击。 相似文献
10.
在加密邮件系统中,公钥可搜索加密技术可以有效地解决在不解密的情况下搜索加密邮件的问题。针对公钥可搜索加密复杂的密钥管理问题,该文在加密邮件系统中引入了基于身份的密码体制。针对可搜索加密的离线关键字猜测攻击问题,该文采用了在加密关键字和生成陷门的同时进行认证,并且指定服务器去搜索加密电子邮件的方法。同时,在随机预言机模型下,基于判定性双线性Diffie-Hellman假设,证明方案满足陷门和密文不可区分性安全。数值实验结果表明,在陷门生成和关键字密文检测阶段,该方案与现有方案相比在计算效率上较高。
相似文献11.
12.
In pervasive computing environments, users can get services anytime and anywhere, but the ubiquity and mobility of the environments bring new security challenges. The user and the service provider do not know each other in advance, they should mutually authenticate each other. The service provider pre-fers to authenticate the user based on his identity while the user tends to stay anonymous. Privacy and secu-rity are two important but seemingly contradictory objectives. As a result, a user prefers not to expose any sensitive information to the service provider such as his physical location, ID and so on when being authen-ticated. In this paper, a highly flexible mutual authentication and key establishment protocol scheme based on biometric encryption and Diffie-Hellman key exchange to secure interactions between a user and a service provider is proposed. Not only can a user’s anonymous authentication be achieved, but also the public key cryptography operations can be reduced by adopting this scheme. Different access control policies for differ-ent services are enabled by using biometric encryption technique. The correctness of the proposed authenti-cation and key establishment protocol is formally verified based on SVO logic. 相似文献
13.
Daniele Tarchi Andrea Tassi Romano Fantacci 《Wireless Communications and Mobile Computing》2013,13(14):1309-1323
The last years have been characterized by an increasing interest in the grid and cloud computing that allow the implementation of high performance computing structures in a distributed way by exploiting multiple processing resources. The presence of mobile terminals has extended the paradigm to the so called pervasive grid networks, where multiple heterogeneous devices are interconnected to form a distributed computing resource. In such a scenario, there is the need of efficient techniques for providing reliable wireless connections among network nodes. This paper deals with the proposal of a suitable resource management scheme relying on a routing algorithm able to perform jointly the resource discovery and task scheduling for implementing an efficient pervasive grid infrastructure in a wireless ad hoc scenario. The proposed solutions have been considered within two different parallelization processing schemes, and their effectiveness has been verified by resorting to computer simulations. Copyright © 2011 John Wiley & Sons, Ltd. 相似文献
14.
15.
随着业务的发展,电信运营商逐渐转型为云计算的提供者。为构建大规模的云计算平台,多个数据中心需要跨域无缝融合。本文以中国移动通信集团广东有限公司公众云南基节点和中能节点双中心的成功案例介绍其OTV(Over Transport Virtualization)实现的原理和实施细节。 相似文献
16.
Secure user authentication scheme with novel server mutual verification for multiserver environments
The fast growth of mobile services and devices has made the conventional single‐server architecture ineffective from the point of its functional requirements. To extend the scalability and availability of mobile services to various applications, it is required to deploy multiserver architecture. In 2016, Moon et al insisted that Lu et al's scheme is weak to insiders and impersonation attack, then they proposed a biometric‐based scheme for authentication and key agreement of users in multiserver environments. Unfortunately, we analyze Moon et al's scheme and demonstrate that their scheme does not withstand various attacks from a malicious registered server. We propose a user authentication scheme with server mutual verification to overcome these security drawbacks. The proposed scheme withstands an attack from malicious insiders in multiserver environments. We use a threshold cryptography to strengthen the process of server authorization and to provide better security functionalities. We then prove the authentication and session key of the proposed scheme using Burrows‐Abadi‐Needham (BAN) logic and show that our proposed scheme is secure against various attacks. 相似文献
17.
Pervasive computing environments allow users to get services anytime and anywhere. Security has become a great challenge in pervasive computing environments because of its heterogeneity, openness, mobility and dynamicity. In this paper, we propose two heterogeneous deniable authentication protocols for pervasive computing environments using bilinear pairings. The first protocol allows a sender in a public key infrastructure (PKI) environment to send a message to a receiver in an identity-based cryptography (IBC) environment. The second protocol allows a sender in the IBC environment to send a message to a receiver in the PKI environment. Our protocols admits formal security proof in the random oracle model under the bilinear Diffie–Hellman assumption. In addition, our protocols support batch verification that can speed up the verification of authenticators. The characteristic makes our protocols useful in pervasive computing environments. 相似文献
18.