摘要
在分析了现有认证框架存在的问题的基础上,提出了一种基于身份的多信任域认证模型.该模型以基于身份的密码体制为基础,避免了基于传统PKI的认证框架的诸多弊端,实现了跨信任域的身份认证和资源访问主体的匿名性,并利用CK模型对该模型的身份认证和匿名性安全进行了详细的分析和证明.分析表明该模型是安全且满足安全需求的.
In this paper, the authors considers the especial requirements of the authentication model in multi-domain environments. He analyzes the problems of existing authentication frameworks, and proposes an identity-based authentication model for multi-domain. The model is based on identity-based public key cryptography, so as to overcome some problems posed by traditional authentication model based on PKI. Moreover, entity authentication for cross-domain and anonymity for subiect is supported in the model. Especially, by using the modular approach under the CK-model, the security of entity authentication and anonymity is analyzed. It is showed that the proposed model is secure and could achieve the security requirements.
出处
《计算机学报》
EI
CSCD
北大核心
2006年第8期1271-1281,共11页
Chinese Journal of Computers
基金
国家自然科学基金(60273027)
国家"九七三"重点基础研究发展规划项目基金(G1999035802)
国家杰出青年基金(60025205)资助.
关键词
认证
基于身份的密码体制
匿名
安全性分析
authentication
identity-based public key cryptography
anonymity
security analysis