| 基于可信计算的防网络欺诈认证方案 |
| |
| 引用本文: | 于昇,祝璐. 基于可信计算的防网络欺诈认证方案[J]. 计算机工程与设计, 2009, 30(21) |
| |
| 作者姓名: | 于昇 祝璐 |
| |
| 作者单位: | 解放军信息工程大学,电子技术学院,河南,郑州,450004;北京工业大学,计算机学院,北京,100022;北京工业大学,计算机学院,北京,100022;武汉大学计算机学院,湖北,武汉,430079 |
| |
| 基金项目: | 国家973重点基础研究发展计划基金项目 |
| |
| 摘 要: | 由于大部分用户没有用户证书,在不安全网络环境中,基于用户名/口令的远程用户认证是最为常见的认证方式.正是基于这一点,许多攻击方式才得以成功实施.在分析了当今主要网络欺诈的方法和现有密钥保护机制的基础上,提出一种基于可信计算技术抵御网络欺诈的认证方案.该方案结合使用了可信计算保护存储机制、证书链、口令分割等多种技术,即使用户名/口令被盗,仍然能保证用户的认证安全.分析结果表明了该方法能有效抵御网络欺诈攻击.
|
| 关 键 词: | 可信计算 网络欺诈 证书 认证方案 TPM |
Authentication scheme based on trusted computing of preventing phishing attacks |
| |
| YU Sheng,HU Lu. Authentication scheme based on trusted computing of preventing phishing attacks[J]. Computer Engineering and Design, 2009, 30(21) |
| |
| Authors: | YU Sheng HU Lu |
| |
| Abstract: | User authentication is mostly carried out by sending a pair of useraame and password to the server in insecure network, since most users have not a certificate. Just based on this fact, some attacks are achieved. The method of phishing and the common mechanism of protecting key are analyzed, and an authentication scheme employing trusted computing technology is proposed. Since the scheme combines protected storage, authentication chain, and password partition etc, thieving only the password will not have an affect on user security. In the end, the proposed approach is proven to protect against phishing attacks. |
| |
| Keywords: | TPM |
| 本文献已被 万方数据 等数据库收录! |
|
