期刊文献+
任意字段
题名或关键词
题名
关键词
文摘
作者
第一作者
机构
刊名
分类号
参考文献
作者简介
基金资助
栏目信息

改进的PKI可信度模型 被引量:4

Improved Trust-degree Model for PKI
下载PDF
导出
摘要 为提高证书依赖方(Relying Party)对证书持有者(Subscriber)信任评价的准确度,提出一种改进的PKI可信度模型.通过引入密钥安全期和优化不可信因子,严格区分证书可信度和私钥可信度,提出对应的计算公式,并给出组合密钥可信度和平均密钥可信度的计算方法.针对单级CA信任模型,推导出平均证书可信度和平均私钥可信度.该模型将影响密钥可信度的多个关键因素统一体现在单个计算公式中,不仅能够适应多种PKI信任模型,同时为提高证书持有者信任评价的准确度提供计算依据. In order to enhance accuracy of trust evaluation on subscribers ( or key holders ) by relying party, an improved trust-degree model for PKI is proposed. Through the introduction of key security period (KSP) and optimizing non-trust factor (NTF), the trust degree between certificate and private-key is clearly distinguished with the corresponding calculating formulas proposed. Meanwhile, the calculating methods for combined key trust degree and average key trust degree are given herein. This model integrates several critical factors that influence trust degree of certificate and private-key into one single formula, thus providing better adaptability to a variety of PKI trust models as well as sound calculating basis for improving the accuracy of trust evaluating on subscribers.
作者 张明德 郑雪峰 吕述望
机构地区 北京科技大学计算机与通信工程学院 信息安全国家重点实验室
出处 《小型微型计算机系统》 CSCD 北大核心 2012年第2期370-375,共6页 Journal of Chinese Computer Systems
基金 国家科技支撑计划项目(2008BAH22B03)资助
关键词 PKI 密钥安全期 不可信因子 可信度 模型 PKI key security period ( KSP ) non-trust factor ( NTF ) trust degree model
分类号 TP301 [自动化与计算机技术—计算机系统结构]
  • 相关文献

参考文献6

二级参考文献34

  • 1[1]ISO/IEC 9594-8/ITU-T Recommendation X 509-1997(E), Information Technology - Open Systems Interconnection - The Directory: Authentication Framework[S].
  • 2[2]HOUSLEY R, FORD W, POLK W, et al. RFC-1999, 2459. Internet X 509 Public Key Infrastructure, Certificate and CRL Profile[S].
  • 3[3]MAURER U. Modeling a public-key infrastructure[A]. European Symp Res Computer Security (ESORICS'96)[C]. 1996. 325-350.
  • 4[4]BAKKALI H EL, KAITOUNI B I. A predicate calculus logic for the PKI trust model analysis[A]. IEEE International Symposium on Network Computing and Applications[C]. 2001. 368 -371.
  • 5[5]BAKKALI H EL, KAITOUNI B I. A logic-based reasoning about PKI trust model[A]. Sixth IEEE Symposium on Computers and Communications[C]. 2001. 42-48.
  • 6[6]Pretty good privacy user's guide, version7.0[EB/OL]. Distributed with the PGP software, 2001.
  • 7[7]CHOKHANI S, FORD W. RFC 2527-1999, Internet X 509 Public Key Infrastructure Certificate Policy and Certification Practices Framework[S].
  • 8[8]CHADWICK D W, YOUNG A J, CICOVIC N K. Merging and extending the PGP and PEM trust models - the ICE-TEL trust model[J]. IEEE Networks Mag, 1997, (May): 16-24.
  • 9[9]BURR W E. Public key infrastructure (PKI) technical specifications: part a - technical concept of operations, working draft [EB/OL]. http://csrc.nist.gov/pki/twg/baseline/pkicon20b.pdf, 1998-09-04.
  • 10V. Samar, C. Lai. Making login services independent of authentication technologies, http://java.sun.com/security/jaas/doc/pam. html, 1995.

共引文献17

同被引文献20

引证文献4

二级引证文献15

小型微型计算机系统
2012年 第2期

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部