摘要
随着信息服务应用越来越广泛,信息服务实体访问存在的假冒、越权等安全性问题日益凸显,信息服务实体安全身份认证对提升系统安全性至关重要。针对传统信息服务实体安全身份认证过程中存在的密钥分发管理困难、信息服务实体身份验证流程复杂等问题,提出了基于身份凭证的信息服务实体安全身份认证方法。为信息服务实体生成身份标识,使用信息服务实体身份标识作为公钥,降低了密钥分发和管理的复杂性。为信息服务实体颁发身份凭证,有效简化了服务访问过程中访问者身份的验证过程。认证协议增加了安全防护机制,防篡改、防越权,提升了系统安全性。
With the development of information service applications,the security problems of information service entities such as counterfeit,exceed authority have become increasingly prominent,Identiy authentication is very important to improve security of imfor-mation service entity accessing.Addressing the difficulties such as challenges in Key distribution and menagment,complexity of inden-tity authentication processes for the traditional information service entities,an identity credential-based secure indentity authentication method for information service entities is proposed.By generation identity ID for information service entity and using it as a public key,the complexity of key distribution management is reduced.Using of identity credentials for information service entities can effectively simplifies the process of verifying visitore identities during service access.The authentication protocol has enhanced security measures,can prevent tempering,unauthorized access,and improving the system’s security.
作者
薛艳珠
丁文超
唐培元
张林枫
XUE Yanzhu;DING Wenchao;TANG Peiyuan;ZHANG Linfeng(NO.30 Institute of CETC,Chengdu Sichuan 610041,China)
出处
《通信与信息技术》
2024年第5期128-133,共6页
Communication & Information Technology
关键词
身份凭证
身份认证
信息服务实体
Identity certificate
Identiy authentication
Information service entities