摘要
目前,PKI是解决信息安全问题的一种最成熟的技术手段,能够有效解决大部分安全问题,但是PKI无法实现网络上的资源控制。SPKI/SDSI可以有效解决资源控制问题,然而由于证书链搜索算法复杂度高,目前基于SPKI/SDSI设计的访问控制模型,都存在一定的问题。紧紧围绕受控资源的访问保护,基于SPKI/SDSI设计了一个高效的分布式访问控制模型,同时提出了一种新的证书链搜索算法,在海量证书库中能快速的查找证书链,并通过模拟实验,验证新的算法的效率,实验结果表明证书数量越大,文中的算法优势越明显。
Currently, the most sophisticated technical means to resolve the problem about network security is PKI. But the PKI can not control the protected resources on the network. SPKI/SDSI could resolve this problem effective- ly, howerver, because the complexity of the certificate chain discovery algorithms is high, there are some problems in existing access control models that based on SPKI/SDSI certificates. The paper focuses on the access of the protected resources on the network, designs an efficient distributed access control model that based on SPKI/SDSI certificates. Meanwhile, proposes a new certificate chain discovery algorithm, so that could find a certificate chain in the mass certificate repository quickly. At last, do some simulation experiments to test the efficiency of the algorithm proposed in this paper. The results shows that the greater the number of the certificates, the more advantages of the proposed algorithm in this paper.
出处
《成都信息工程学院学报》
2012年第2期174-179,共6页
Journal of Chengdu University of Information Technology