期刊文献+
任意字段
题名或关键词
题名
关键词
文摘
作者
第一作者
机构
刊名
分类号
参考文献
作者简介
基金资助
栏目信息

一种结合PKI技术的Kerberos改进协议 被引量:4

AN IMPROVEMENT KERBEROS PROTOCOL WITH PKI TECHNOLOGY
下载PDF
导出
摘要 分析、研究了Kerberos协议和它的多个改进方案,指出了Kerberos协议的一些局限性,在此基础上提出一种与PKI技术、访问控制相结合的Kerberos改进协议,并采用LDAP存储用户认证信息。与原Kerberos协议对比分析表明,在密钥存储、时钟同步、口令猜测、票据的不可否认性等多项性能方面有一定改进和提高,加强了Kerberos的安全性。 In the paper we analysed the Kerberos protocol and some of its improved schemes, and picked out some limitations of it. Based on these, an improved Kerberos protocol combining with PKI technology and access control was put forward, and LDAP was used for storing user's authentication information. Comparative analysis of original Kerberos protocol shows, the improved protocol has amelioration and improvement in more than one performances, including key storage, clock synchronization password guess and non - repudiation of the notes, thus the security of Kerberos is enhanced.
作者 吴喜兰 舒远仲 江泽涛 邬志红
机构地区 南昌航空大学计算机学院
出处 《计算机应用与软件》 CSCD 2009年第2期85-86,91,共3页 Computer Applications and Software
基金 江西省重大攻关招标项目(2005A016) 江西省自然科学基金项目(0611092)
关键词 KERBEROS 身份认证 PKI RBAC LDAP Kerberos Identity authentication PKI RBAC LDAP
分类号 TP393.08 [自动化与计算机技术—计算机应用技术] TN915.04 [电子电信—通信与信息系统]
  • 相关文献

参考文献5

  • 1Kehne A, Schonwalder J, Langendorfer H. A nonce-based Protocol for multiple authentication [ J ]. Operating Systems Review, 1992,26 (4) : 84 - 89.
  • 2Itoi N, Honeyman P. Smart card integration with Kerberos v5 [ J J. Lecture Notes in Computer Science,2001,2041:73 -78.
  • 3Cheolhyun KIM, Ilyong CHUNG. An Efficient Kerberos Authentication Mechanism Associated with X. 509 and DNS [ J ]. IEICE Transactions on Information and Systems,2002 : 1384 - 1389.
  • 4黄益民,平玲娣,潘雪增.一种基于角色的访问控制扩展模型及其实现[J].计算机研究与发展,2003,40(10):1521-1528. 被引量:42
  • 5任军.基于LDAP的目录服务综述[J].计算机应用研究,2005,22(5):8-10. 被引量:42

二级参考文献17

  • 1R S Sandhu, E J Coync, H L Fcinstcin et al. Role-based access control model. IEEE Computer, 1996, 29(2): 38-47.
  • 2R Sandhu, D Ferraiolo, R Kuhn. The NIST model for role-based access control: Towards a unified standard. In: Proe of the 5th ACM Workshop on Role Based Access Control. Berlin, Germany: ACM Press, 2000. 47-63.
  • 3K Izaki, K Tanaka, M Takizawa. Access control model in obiectoriented systems. In: Proc of the 7th Int'l Conf on Parallel and Distributed Systems: Workshops. Iwate, Japan: IEEE Computer Society, 2000. 69-74.
  • 4M J Moyer, M Ahamad. Generalized role-based access control. In: Proc of the 21st Int'l Conf on Distributed Computing Systems. Phoenix: IEEE Computer Society, 2001. 391-398.
  • 5D Ferraiolo, R Sandhu, S Gavrila et al. A proposed standard for role-based access control. NIST. 2000. http://csrc. hist. gov/rbae/.
  • 6D K Gifford, P Jouvelot, M A Sheldon et al. The research file systems. In: Proc of the 12th ACM SIGOPS Symposium on Operating Systems Principles. Pacific Grove, CA: ACM Press,1991. 16-25.
  • 7Timothy A,Howes Ph D Mark C Smith,et al.Understanding and Deploying LDAP Directory Services, Second Edition[M].USA: Addison-Wesley Pub Co.,2003.1-260.
  • 8Gerald Carter. LDAP System Administration [M].USA: O'Reilly,2003.12-85.
  • 9M Wahl, T Howes, S Kille. Lightweight Directory Access Protocol (v3)[S].RFC 2251,1997.
  • 10M Wahl, A Coulbeck, T Howes, et al. Lightweight Directory Access Protocol (v3)[S].Attribute Syntax Definitions.RFC 2252,1997.

共引文献82

同被引文献18

引证文献4

二级引证文献10

计算机应用与软件
2009年 第2期

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部