共查询到18条相似文献,搜索用时 234 毫秒
1.
2.
3.
代理移动IPv6为移动节点提供了基于网络的移动性管理方法,移动节点不参与管理移动性信令.为了在移动互联网络中应用代理移动IPv6协议,需要定义安全有效的认证协议.目前还没有见到关于代理移动IPv6认证协议方面的研究,本文提出了一种代理移动IPv6的认证协议,该认证协议可以提供接入认证功能,并可防止重放攻击和密钥暴露.为了分析该认证协议的性能,本文给出了认证费用和认证延迟分析的解析模型,分析了移动性和流量参数对认证费用和认证延迟的影响.研究结果表明提出的代理移动IPv6认证协议安全有效. 相似文献
4.
北斗二代民用D2导航电文(BeiDou-Civil Navigation Message-D2,B-CNAV-D2)信息在开放的信道中传输,缺乏完整性保护机制,面临信息被伪造和篡改的威胁,容易遭受欺骗攻击.为了保障B-CNAV-D2信息的完整、真实和可用,本文在分析B-CNAV-D2信息组成结构的基础上,设计了基于身份签名体制的北斗二代民用D2导航电文信息认证协议.该协议提供信息源认证和信息完整性保护,实现B-CNAV-D2信息防篡改和防伪冒的功能.B-CNAV-D2信息认证协议可以有效地减少传统签名认证方案中数字证书分发和更新等处理环节,提高认证协议的整体效率和认证效率,拥有较好的认证时效性与较低的计算成本和通信成本. 相似文献
5.
针对移动无线射频识别认证协议面临的身份认证和隐私保护、动态密钥安全更新和去同步化攻击问题,提出一种可动态更新共享密钥的移动RFID双向认证协议.协议基于Hash密码机制,利用随机数同时进行密钥安全更新和身份认证,并采用对分表存储的当前和历史共享密钥进行动态添加和删除的方法,保留最后一次合法认证后的一致共享密钥.安全性能分析与效率分析表明,该协议能够实现动态密钥安全更新和身份认证、能够在遭受去同步化攻击后保证密钥同步,且具有较强的计算和存储性能.通过和同类RFID认证协议比较,协议弥补了同类RFID协议存在的不足,适用于被动式标签数量庞大的RFID系统. 相似文献
6.
针对当前GSM-R网络身份认证与密钥协商方案存在扩展性差、用户身份信息易泄露的问题,本文为下一代高速铁路无线通信系统LTE-R提出一种基于自认证公钥体制的认证与密钥协商协议,实现实体间双向身份认证,保护空中接口及有线通信链路. 相似文献
7.
针对物联网移动RFID系统标签隐私信息的访问控制以及用户身份隐私保护问题,本文采用身份加密和属性加密相结合的方法,建立了IB-AB-eCK安全模型,设计了基于身份及属性的认证密钥交换协议IB-AB-AKE。基于IB-AB-AKE协议,提出了移动RFID手机与信息服务器之间认证密钥交换协议,实现了在保护移动RFID手机用户身份隐私的同时,根据标签所有者定制的访问控制策略进行标签信息的访问控制认证和会话密钥交换,防止了隐私信息被非法访问。分析表明,IB-AB-AKE协议在IB-AB-eCK模型下是安全的,且在通信次数、通信量及计算量方面具有优势。 相似文献
8.
为了解决车载边缘计算网络中无线网络传输特性导致的窃听、重放、拦截、篡改等安全威胁,考虑到车载终端资源有限的特点,提出了一种轻量级匿名高效身份认证协议。基于切比雪夫混沌映射算法,避免了多数方案所采用的指数、双线性映射等复杂算法,有效降低了身份认证与密钥协商过程中的计算复杂度。此外,在实现接入认证及切换认证的同时,能够实现终端匿名性及可追溯、可撤销等安全功能。通过Scyther工具验证结果表明该协议能够满足认证过程中的安全需求并且能够抵抗多种协议攻击。相比已有方案,所提接入认证方案总计算开销最低可节省67%,带宽开销最低可节省11%。此外,相比于接入认证方案,所提域内切换认证方案总计算开销可节省99.8%,带宽开销可节省52%;域间切换认证方案总计算开销可节省80%,带宽开销可节省37%。性能分析结果表明该协议具备更良好的计算和通信性能,因此可以解决车载边缘计算网络中的终端高效安全接入及切换问题。 相似文献
9.
10.
本文在分析现有移动用户认证协议与因特网认证协议基础上,针对移动计算网络的技术特点设计了一个用于移动用户与收费信息服务网络相互认证和用户进行小额电子支付的协议,该协议的新颖之处在于把小额支付方案融入认证协议当中,使移动用户可以利用笔记本电脑或掌上电脑进行付费的网面浏览、购买低价位信息商品以及进行移动电子商务,同时也为移动用户漫游时的记费提供了依据.协议不仅在公共参数的存储空间需求和用户端计算负荷上是适当的,而且可以保护用户不被错误收费,同时提供服务网络防止用户抵赖的合法证据.该协议基于一个全局的公钥基础设施,适用于未来的基于第三代移动通信系统的网络计算环境. 相似文献
11.
针对视频监控系统接入层中前端设备的身份安全问题,通过对会话初始协议(Session Initia-tion Protocol,SIP)进行研究和扩展,设计并改进了一种基于超文本传输协议(Hyper Text Transfer Pro-tocol,HTTP)摘要访问认证的SIP安全机制.前端设备在接入视频监控系统前,需要通过该安全机制与系统安全管理平台上的SIP服务器进行身份认证.认证双方基于公钥基础设施数字证书认证体系(Public Key Infrastructure/Certificate Authority,PKI/CA)获取对方的数字证书后解析公钥,在摘要认证的基础上使用公钥加密和私钥签名来保护认证序列的安全性,解密认证序列后通过异或校验和摘要校验实现双向身份认证.测试与分析结果表明,改进的安全机制能够抵御常见的SIP安全风险,实现设备与安管平台间的双向身份认证,在适当损失效率的情况下确保接入系统的设备身份合法可信. 相似文献
12.
The primary goal of this research is to ensure secure communications by client‐server architectures in mobile environment. Although various two‐party authentication key exchange protocols are proposed and claimed to be resistant to a variety of attacks, studies have shown that various loopholes exist in these protocols. What's more, many two‐party authentication key exchange protocols use timestamp to prevent the replay attack and transmit the user's identity in plaintext form. Obviously, these methods will lead to the clock synchronization problem and user's anonymity problem. Fortunately, the three‐way challenged‐response handshake technique and masking user's original identity with a secret hash value used in our study address these problems well. Of course, the proposed protocol based on elliptic curve cryptography supports flawless mutual authentication of participants, agreement of session key, impersonation attack resistance, replay attack resistance, and prefect forward secrecy, as well. The analyses in the aspects of efficiency and security show that the proposed protocol is a better choice for mobile users. 相似文献
13.
14.
The goal of the third-generation mobile systems is to provide worldwide operation, enhance service capabilities, and improve performance over the second-generation mobile systems. In this paper, we propose an authentication procedure for third-generation mobile systems. The authentication procedure is a protocol suite consisting of two subprotocols: a certificate-based authentication (CBA) protocol and a ticket-based authentication (TBA) protocol. Only two parties, MS and VLR, are involved in executing our protocol. Our authentication procedure uses both public- and secret-key cryptosystems. Our authentication procedure not only provides uniform authentication across domains, but also reduces computational costs in the process of repeated authentication. We provide firm proof of our procedure's correctness. 相似文献
15.
16.
17.
An efficient authentication system of smart device using multi factors in mobile cloud service architecture
下载免费PDF全文
![点击此处可从《International Journal of Communication Systems》网站下载免费的PDF全文](/ch/ext_images/free.gif)
Young‐Sik Jeong Ji Soo Park Jong Hyuk Park 《International Journal of Communication Systems》2015,28(4):659-674
Mobile cloud computing environments have overcome the performance limitation of mobile devices and provide use environments not restricted by places. However, user information protection mechanisms are required because of both the security vulnerability of mobile devices and the security vulnerability of cloud computing. In this paper, a multifactor mobile device authentication system is proposed to provide safety, efficiency, and user convenience for mobile device use in cloud service architectures. This system improves security by reinforcing the user authentication required before using cloud computing services. Furthermore, to reinforce user convenience, the system proposed increases the strength of authentication keys by establishing multiple factors for authentication. For efficient entries in mobile device use environments, this system combines mobile device identification number entries, basic ID/password type authentication methods, and the authentication of diverse user bio‐information. This system also enhances authentication efficiency by processing the authentication factors of a user's authentication attempt in a lump instead of one by one in the cloud computing service environment. These authentication factors can be continuously added, and this authentication system provides authentication efficiency even when authentication factors are added. The main contribution is to improve high security level by through authentication of mobile devices with multifactors simultaneously and to use the mobile cloud service architecture for its efficient processing with respect to execution time of it. Copyright © 2013 John Wiley & Sons, Ltd. 相似文献