期刊文献+
任意字段
题名或关键词
题名
关键词
文摘
作者
第一作者
机构
刊名
分类号
参考文献
作者简介
基金资助
栏目信息

云计算环境下密钥协商协议的应用与改进 被引量:1

Application and improvement of key agreement protocol in could computation environment
下载PDF
导出
摘要 为解决现有密钥协商协议在云计算环境下的适应性问题,深入分析云计算场景对密钥协商协议的安全需求,结合现有IKEv2协议的安全性能缺陷,采用puzzle机制、密钥材料及身份信息推迟传递等手段对IKEv2进行改进,提出了一种适应云计算网络环境的密钥协商协议IKE-C,有效提升了协议中响应者的抗拒绝服务(DoS)攻击能力,同时解决了中间人攻击导致发起者身份泄露的问题。还对两种协议的收敛时间进行了比较,仿真结果表明,在相同的网络规模下,IKE-C协议的收敛时间低于IKEv2,并且随着客户端数量的增加,其优势逐渐明显。 By analyzing security requirement of key agreement in cloud computation environment and the defect of security performance for IKEv2, an improved key agreement protocol IKE-C was proposed in order to solve the problem of adaptability of the existing key agreement protocols in cloud computation environment. Puzzle, key material and delaying the transmission of ID were adopted in order to promote the ability of anti-DoS ( Denial of Service) attack and overcome the problem that sender identity would be leaked because of man-in-the-middle attack. Performance comparison was conducted in the paper. The simulation result indicates that IKE-C gets shorter convergence time than IKEv2 with the same network scale, and performance superiority is more obvious as clients are increasing.
作者 任敏
机构地区 无锡工艺职业技术学院电子信息系
出处 《计算机应用》 CSCD 北大核心 2013年第10期2835-2837,2864,共4页 journal of Computer Applications
关键词 云计算 密钥交换 IKEV2 拒绝服务 发起者身份隐藏 cloud computing key exchange Internet Key Exchange version 2 (IKEv2) Denial of Service (DoS) initiator ID privacy
分类号 TP393.08 [自动化与计算机技术—计算机应用技术]
  • 相关文献

参考文献6

二级参考文献30

  • 1Kaufman C,Hoffman P,Eronen P.Internet Key Exchange Protocol:IKEv2[EB/OL].Internet-Draft,[2007-06-16],http://www.ietf.org/intemet-drafts/draft-hoffman-ikev2bis-01.txt.
  • 2Carlton R.Davis.IPsoc VPN 的安全实施[M].北京:清华大学出版社,2002:250-255.
  • 3Kaufman C,Ed.Interact Key Exchange (IKEv2) Protocol[EB/OL].IETF RFC4306.[2005-12-30].http://www.ietf.org/rfc/rfc4306.txt.
  • 4Aboba B,Blunk L,Vollbrecht J,et al.Extensible Authentication Protocol (EAP)[EB/OL].IETF RFC3748[2004-06-15].http:// www.ieff.org/rfc/rfc3748.txt.
  • 5Eronen P,Tschofenig H.Extension for EAP Authentication in IKEv2[EB/OL],Internet -Draft[2006-06-10].http://www.ietf.org/ intemet-drafts/draft-eronen-ipsec-ikev2-eap-auth-05.txt.
  • 6Sanjay Ghemawat, Howard Gobioff, Shun-Tak Leung. The google file system, http://labs.google.condpapers/gfs-sosp2003.pdf.
  • 7Mike Burrows. The chubby lock service for loosely-coupled distributed systems, http://labs.google.com/papers/chubby-osdi06.pdf.
  • 8Michael Armbrust, Armando Fox, Rean Griffith, et al. Above the clouds: a berkeley wiew of cloud computing.Communication Magazine, 2009.
  • 9IBM虚拟化与云计算小组.虚拟化与云计算.北京:电子工业出版社.2009.
  • 10Michael Miller著.姜进磊,孙瑞志,向勇等译.云计算.北京:机械工业出版社.2009.

共引文献174

同被引文献16

  • 1Wang C, Wang Q,Ren K, et al. Ensuring data storage se- curity in Cloud Computing[ C ] // Quality of Service, 2009. IWQoS. 17th International Workshop on. [ S. I. ] : IEEE, 2009 : 13-15.
  • 2Ari Juels, Burton S. Kaliski Jr. PORs : Proofs of retrievabili- ty for large files[ C] //Proceedings of the 14th ACM confer- ence of Computer and communications security. [ S. 1. ] : ACM,2007:584-597.
  • 3Giuseppe Ateniese, Randal Burns, Reza Curtmola, et al. Provable data possession at untrusted stores [ C ]//Proceed-ings of the 14th ACM conterenee of Computer and commu- nications security. IS. 1. I :ACM,2007:598-609.
  • 4C Chris Erway, Alptekin Kupeu, Charalampos Papaman- thou, et al. Dynamic provable data possession [C ] //Pro- ceedings of the 16th ACM Conference on Computer and Communications Security. [ S. 1. ] :ACM ,2009:213-222.
  • 5Sahai A, Waters B. Fuzzy identity-based eneryption [ C ]// Advances in Cryptology--EUROCRYFF 2005. [ S. 1. ]: Springer Berlin Heideberg,2005:457-473.
  • 6Goyal V, Pandey O, Sahai A, et al. Attribute-Based en- cryption for fine-grained access control of encrypted data [ C]//Proceedings of the 13th ACM conference on Com- puter and communications security. [ S. 1. ] :ACM, 2006 : 89-98.
  • 7Betheneourt J,Sahai A,Waters B. Ciphertext-policy attrib- ute-based eneryption, security and privacy [ C ] //2007 IEEE Symposium on Security and Privacy. [ S. 1. ]: IEEE, 2007:321-334.
  • 8冯登国,张敏,张妍,徐震.云计算安全研究[J].软件学报,2011,22(1):71-83. 被引量:1067
  • 9洪澄,张敏,冯登国.面向云存储的高效动态密文访问控制方法[J].通信学报,2011,32(7):125-132. 被引量:79
  • 10孙国梓,董宇,李云.基于CP-ABE算法的云存储数据访问控制[J].通信学报,2011,32(7):146-152. 被引量:64

引证文献1

二级引证文献4

计算机应用
2013年 第10期

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部