摘要
针对传统的安全电子文件标签管理系统中证书密码体制存在的证书管理复杂,资源浪费高的缺陷,基于身份标识密码体系提出一种密级标签控制模型,实现电子文件密级标签的安全管理控制。在该模型中分别使用国产SM9标识密码数字签名算法对标签和电子文件进行数字签名。使用公钥加密算法对涉密主体加密,实现标签和文件的绑定和电子文件的安全传输,并将密级属性置于标签头中,实现文件的分级保护。通过安全性分析和对比分析,结果表明,该模型能够有效保证密级标签电子文件全生命周期的机密性、完整性、有效性和抗抵赖性,并简化了系统的部署和实施。
The certificate management system is complex and the waste of resources is high in in the traditional security electronic document label management system. To solve this problem,a secret classified label control model is proposed based on the identity-based cryptography,which can realize security management control of the file secret classified label. In this model,domestic SM9 digital signature algorithm was used to digitally sign labels and electronic files; SM9 encryption algorithm was made use of encrypting the secret subject. Therefore,it can achieve binding of labels and files and the safe transmission of electronic files. And the secret attribute was placed in the tag header to realize the classification protection of files. According to the security and contrast analysis,the results show that it can effectively guarantee the confidentiality,integrity,validity and non-repudiation of the full life cycle of the secret classified file label,and also simplify the deployment and implementation of the system.
作者
李文
李忠献
崔军
Li Wen;Li Zhongxian;Cui Jun(School of Electronic Information and Automation, Civil Aviation University of China, Tianjin 300300, China;School of Computer Sciences and Technology,Beijing University of Posts and Telecommunications ,Beijing 100876, China;Tianjin Lingehuangzhiheng Software Technology Co. , Ltd. , Tianfin 300350, China)
出处
《计算机应用与软件》
北大核心
2018年第6期304-308,312,共6页
Computer Applications and Software
基金
天津市高等学校科技发展基金计划项目(20140805)
关键词
密级标签
SM9标识密码
数字签名
加密
Secret classified label
SM9 identity-based cryptography
Digital signature Encrypt
