摘要
越来越多不规范的网络行为给互联网的监管带来前所未有的挑战,网络行为的匿名性需求与网络监管的可追踪性需求形成了越来越明显的矛盾.为了解决对网络用户进行有效监管的问题,设计一种改进的基于OpenID机制的用户网络实名制方案,实现了分布式模式下用户发帖行为的监控,通过由Gateway Proxy执行认证功能,提高了系统的整体安全性能.基于证书机制,构造了Web Server与Gateway Proxy之间的认证交互流程,避免了OpenID规范中Web Server站点与OpenID服务器之间的中间人攻击和注册服务器欺骗攻击.通过本机制,保障了用户访问Internet的匿名性和可追溯性,实现了对网络中用户发帖行为可控,发帖事件可查的管理目标,对网络实名制的构建具有较大参考价值.
More and more nonstandard network behaviors have taken unprecedented challenges to the management on Internet,which has come into being more and more obvious contradiction between the anonymous request for behaviors in Internet and the traceability for network management.In order to solve the issue of network management effectively,an improved real name system based on OpenID has been designed and proposed,which achieves the behavior monitor for user's posting in the distributed environment.The Gateway Proxy undertakes the task of authentication,which enhances the security of the whole system.The authentication process between Web Server and Gateway Proxy is constructed based on certificate scheme,which avoids the Man-in the middle attack between Web Server and OpenID as well as the spoofing attack from inveracious registration server in the OpenID standard.It can ensure the anonymity and traceability when users access the Internet by using this mechanism,which implements the aims of monitoring and tracing for posting behavior and may throw new light on the design about real name system in network management.
出处
《小型微型计算机系统》
CSCD
北大核心
2012年第6期1228-1232,共5页
Journal of Chinese Computer Systems
基金
2011年广东省自然科学基金项目(S2011040003481
S2011010001525)资助
2009年广东高校优秀青年创新人才培养计划项目(LYM09029)资助
2011暨南大学中央高校基本科研业务费专项资金项目(21611522)资助
