检索规则说明:AND代表“并且”;OR代表“或者”;NOT代表“不包含”;(注意必须大写,运算符两边需空一格)
检 索 范 例 :范例一: (K=图书馆学 OR K=情报学) AND A=范并思 范例二:J=计算机应用与软件 AND (U=C++ OR U=Basic) NOT M=Visual
名 称:
注 释:
机构地区:[1]大连理工大学,辽宁大连116621
出 处:《小型微型计算机系统》2009年第8期1611-1615,共5页Journal of Chinese Computer Systems
基 金:国家自然科学基金项目(60673046;90412007)资助
摘 要:网格为了满足单点登陆和受限代理需求,引入了代理证书.实际运用中,多个代理的产生将形成代理证书链.对该证书链,需要按照算法进行验证,以确保各代理之间信任委托关系的正确.对当前证书链验证算法进行了分析,表明在一定条件下可以简化代理的认证,从而提高检验效率,降低验证时间.基于分析结论,通过引入一个数据结构提出一种该类验证算法的改进方案,该方案在验证代理证书链签名和收集安全政策方面有改进.尤其对于代理证书链的签名验证,实验表明其验证时间明显减少,且随着签署证书的密钥长度增加,以及代理证书链的增长,验证时间减少得越明显.该方案对在网格环境下广泛应用代理证书、信任证实现委托权限、建立信任关系等起到推动作用.For the requirement of single sign on and limited proxy in grid, proxy certificate has been proposed and involved. As several proxies come into being while using them practically, it would come to a structure called proxy certificate chain. An algorithm is needed to verify the chain for assuring the trust relationship between each of proxies in it. So far, this kind of algorithm is seldom being discussed in terms of the algorithm efficiency. This paper, based on the analysis for the algorithm on verifying Proxy Certificate Chain, and a reference to a new data structure, proposes a solution on improving the algorithm efficiency. The improvement comes up not only in collection of security policy, but also verification of digital signature. Simulation test shows the improvement, especially on signature decryption, is notable. So for the application of proxy certificate and credential in grid to establish trust relationship and privilege delegation provide an occasion.
分 类 号:TP301[自动化与计算机技术—计算机系统结构]
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在链接到云南高校图书馆文献保障联盟下载...
云南高校图书馆联盟文献共享服务平台 版权所有©
您的IP:18.188.132.192