摘要
为了降低或消除计算机证据的脆弱性,制定了一套安全策略来保护在网络中传输的计算机证据。建立了计算机证据保护等级模型,并依据不同的证据等级制定不同的安全保护措施。详细地介绍了对绝密级证据实施的安全保护措施,在该措施中,发送方使用AES加密证据、SHA-1计算摘要、DSS生成带时间戳的签名,并将压缩证据包隐藏入图像文件在网上传输,接收方从图像文件中提取证据,并验证证据的安全属性。最后通过实验和安全性分析,表明该措施能够保证计算机证据在网络传输中的双重机密性、完整性、真实性和不可否认性。
To reduce or eliminate the vulnerability of computer evidence,a secure strategy is designed to protect computer evidence transmitting in network.Firstly,a level module for protecting computer evidence is established,and different secure measures are worked out according to different evidence protection levers.Then,how to protect top-secret evidence is introduced in details.In measures,the sender used advanced encryption standard(AES) to encrypt evidence,secure hash algorithm-1(SHA-1) to compute message digest,digital signature standard(DSS) to produce digital signature with time stamp,and hided compression package of evidence into the image files.The receiver extracted evidence package from the image files,and verified security attributes of evidence.Finally,experiment and security analysis prove the measures can ensure double confidentiality,integrity,authenticity and non-repudiation of computer evidence in network transmission.
出处
《计算机工程与设计》
CSCD
北大核心
2010年第16期3608-3611,共4页
Computer Engineering and Design
基金
重庆市自然科学基金项目(2007BB2454)
重庆邮电大学自然科学基金项目(A2009-59)
关键词
计算机证据
安全策略
证据保护等级
双重机密性
图像隐藏算法
computer evidence
secure strategy
evidence protection levers
double confidentiality
image hiding algorithm
