摘要
安全的跨域身份验证是保证医疗数据互联互通的关键,而现有的跨域认证模型大多依赖可信第三方,存在繁重的密钥管理开销和私钥托管问题,通过引入区块链和无证书认证技术,提出一种基于医疗联盟链的安全高效的跨域认证方案。采用哈希函数、数字签名等密码学技术实现对异域用户安全可靠的身份验证,并使用改进的实用拜占庭机制,保证在没有中心节点的情况下联盟中的医疗机构可以快速对验证结果达成一致。分析表明,在安全方面,该方案具有抵抗分布式攻击等安全属性;在效率方面,与已有跨域认证方案相比,该方案在计算开销上、通信开销上都有优势。
Secure cross-domain authentication is the key to ensure the interconnection of medical data.Most of the existing cross-domain authentication models rely on trusted third parties,and there are heavy key management overhead and private key escrow problems.By introducing blockchain and certificateless authentication technology,a safe and efficient cross-domain authentication scheme based on medical consortium chain is proposed.Using hash function,digital signature and other cryptography technology to achieve safe and reliable authentication of foreign users,and using improved practical Byzantine mechanism to ensure that medical institutions in the alliance can quickly agree on the verification results without central nodes.The analysis shows that in terms of security,the scheme has security properties such as resistance to distributed attacks;in terms of efficiency,compared with the existing cross-domain authentication scheme,the scheme has advantages in computational overhead and communication overhead.
作者
陈彦冰
钟超然
周超然
薛凌妍
黄海平
CHEN Yan-bing;ZHONG Chao-ran;ZHOU Chao-ran;XUE Ling-yan;HUANG Hai-ping(School of Computer Science,Nanjing University of Posts and Telecommunications,Nanjing 210023,China;Jiangsu High Technology Research Key Laboratory for Wireless Sensor Networks,Nanjing 210023,China)
出处
《计算机科学》
CSCD
北大核心
2022年第S01期537-543,共7页
Computer Science
基金
国家自然科学基金(62072252)
江苏省研究生科研实践创新计划资助项目(KYCX210790)
江苏省大学生创新创业训练计划项目(SZDG2021020)。
关键词
跨域认证
联盟链
无证书认证
拜占庭容错算法
Cross-domain authentication
Consortium chain
Certificateless certification
Byzantine fault tolerance algorithm
