摘要
针对目前以PKI技术为基础的网格安全基础设施认证机制存在的用户规模小、效率低、依赖第三方机构在线运行等问题,提出了基于组合公钥密码的网格身份认证机制.该机制根据离散对数难题的数学原理构建公开密钥与私有密钥矩阵,生成数量庞大的由公开密钥与私有密钥组成的公私钥对,从而实现基于标识的超大规模的密钥生产与分发.通过在网格应用中实现该机制,和网格安全基础设施的认证效率进行了比较,验证了基于组合公钥密码的网格身份认证机制的可行性和高效性.
Grid security is complicated on account of pervasive resource sharing and dynamic, heterogeneous, multi-domains computing environment. Since the public key infrastructure (PKI)-based grid security infrastructure (GSI) is figured to be not efficient enough for large scaled grid applications, and need third-party authorities keeping online, a combined public key (CPK) based certification mechanism of grid is proposed. Basing on the mathematics principle of discrete log problem, huge quantities of key pairs can be produced by a public and private key matrix, and producing and distributing of huge amount of keys can be realized. Implementing in grid applications, the efficiency of CPK is compared with that of GSI, and the CPK based certification mechanism of grid is proved to be feasible and efficient.
出处
《华中科技大学学报(自然科学版)》
EI
CAS
CSCD
北大核心
2008年第11期40-43,共4页
Journal of Huazhong University of Science and Technology(Natural Science Edition)
基金
国家自然科学基金资助项目(60403027
60273076)
关键词
网格计算
身份认证
数据安全
安全通信
组合公钥
grid computing
certification
security of data
telecommunication security
combined public key