| 安全消息中间件的设计 |
| |
| 引用本文: | 李易民,凌捷.安全消息中间件的设计[J].计算机工程与设计,2011,32(6):1934-1937. |
| |
| 作者姓名: | 李易民 凌捷 |
| |
| 作者单位: | 广东工业大学计算机学院,广东广州,510006 |
| |
| 基金项目: | 广东省自然科学基金项目,广东省科技计划基金项目 |
| |
| 摘 要: | 为提高消息中间件的安全性,分析了消息中间件的特点和Kerberos协议的认证过程,考虑到Kerberos认证模型的安全缺陷,采用公钥密码体制和椭圆曲线的Diffie-Hellman算法改进Kerberos认证模型。该模型引入了可信的第三方CA,有效地防止了口令猜测攻击和重放攻击。采用椭圆曲线的Diffie-Hellman算法,密钥由通信双方共同决定,防止了Kerberos本身进行攻击。将改进后的Kerberos认证模型运用到消息中间件当中,在一定程度上增强了消息中间件的安全性。
|
| 关 键 词: | 消息中间件 Kerberos 身份认证 安全 公钥 |
Design of secure message oriented middleware |
| |
| LI Yi-min,LING Jie.Design of secure message oriented middleware[J].Computer Engineering and Design,2011,32(6):1934-1937. |
| |
| Authors: | LI Yi-min LING Jie |
| |
| Affiliation: | LI Yi-min,LING Jie(Faculty of Computer,Guangdong University of Technology,Guangzhou 510006,China) |
| |
| Abstract: | To improve the security of message oriented middleware,characteristics of message oriented middleware and the authentication process of Kerberos protocol are analyzed.The security flaws of Kerberos authentication model are taken into consideration.Using public key cryptography and the elliptic curve Diffie-Hellman algorithm,the Kerberos authentication is improved.To effecitively prevented password guessing attacks and replay attacks,credible third-party CA is introduced in this model.To prevent the attacks ... |
| |
| Keywords: | message oriented middleware Kerberos authentication security public-key |
| 本文献已被 CNKI 万方数据 等数据库收录! |
|
