摘要
动态透明的云给人们的生活带来了无限的可能,同时也对虚拟世界中与日俱增的数字身份的隐私和安全问题提出了更大的挑战。数字身份和信息服务有着密切关系,在访问或分享资源前,用户和服务双方的身份都有必要先通过认证。特别是当身份窃取猖獗的时候,有力地用户认证、合作伙伴认证、云服务提供商认证等是至关重要的措施。分析云身份认证的现状和面临的挑战,基于谓词加密和Active Bundle思想提出了安全活跃束SAB(Security Active Bundle)云身份认证方案,实现了终端用户与云以及云之间的双向匿名认证,加强了个人敏感信息隐私保护和不再依赖可信第三方等。
Dynamic and transparent cloud brings infinite possibility to people’s life;meanwhile it also imposes greater challenges on theincreasing privacy and security problems of digital identity in virtual world.Digital identity has a close relationship with information services.Before accessing or sharing the resources,the identities of both users and services providers should be authenticated each other.In particular,when the identity theft is rampant,telling authentication on users,partners and cloud services providers is the crucial measurement.Weanalyse the status quo of cloud identity authentication and the challenges encountering,and propose a scheme named “security active bundle(SAB)cloud identity authentication”based on predicate encryption and Active Bundle idea,which realises the bi-directional anonymousauthentication between the end user and the cloud,or among the clouds.This scheme strengthens the privacy protection of personal sensitiveinformation and no longer depends on the trusted third party,etc.
出处
《计算机应用与软件》
CSCD
北大核心
2014年第9期298-303,共6页
Computer Applications and Software
关键词
云计算
安全活跃束
双向匿名认证
无可信第三方
Cloud computing
Security active bundle
Bi-directional anonymous authentication
Without trusted third party
