摘要
现有的委托授权模型主要侧重于受托方是否具有执行委托任务(权利)的能力,没有考虑到受托方平台的可信性;基于此,提出了多媒体环境下基于远程证明(Remote Attestation,RA)的委托授权安全协议,实现了对多媒体数字内容的可信委托授权。协议既保证了委托方对受托方身份与平台完整性的信任、多媒体资源服务器对受托方身份与平台完整性的信任,也实现了多媒体内容的安全访问。阐述了委托验证过程、实体间消息的交互过程以及委托授权可用性验证过程。列举与分析了协议可能遭遇的攻击,同现有的协议相比,应用于数字版权保护(Digital Rights Management,DRM)的委托授权远程证明协议的委托授权过程安全性更高,功能更完善。
The main content of existing delegation authorization model is about whether the delegatee can execute the delegated assignment(privilege),and the trust of the delegator's platform is not mentioned.In view of this,the paper presented a delegation authorization security protocol based on remote attestation under multimedia environment.Multimedia contents' trusted delegation authorization can be guaranteed in the protocol.This protocol not only ensures delegator and the multimedia server trust in delegatee's authentication and platform integrity,but also achieves the trusted access to the multimedia.Delegation verification,message interactions between entities were stated.The potential attacks were enumerated and analysed.The delegation authorization protocol based on remote attestation applied in DRM realizes the trusted delegation and the functions are more perfect compared to the existing protocols.
出处
《计算机科学》
CSCD
北大核心
2015年第4期132-135,155,共5页
Computer Science
基金
国家自然科学基金(61370220)
河南省科技创新人才计划杰出青年基金(134100510006)
河南省教育厅科学技术研究重点项目基础研究计划(13A520240
14A520048)
河南科技大学研究生创新基金项目(CXJJ-ZR12)资助。
关键词
委托授权
可信
远程证明
安全协议
Delegation authorization
Trusted
Remote attestation
Security protocol
