检索规则说明:AND代表“并且”;OR代表“或者”;NOT代表“不包含”;(注意必须大写,运算符两边需空一格)
检 索 范 例 :范例一: (K=图书馆学 OR K=情报学) AND A=范并思 范例二:J=计算机应用与软件 AND (U=C++ OR U=Basic) NOT M=Visual
名 称:
注 释:
作 者:任敏[1]
机构地区:[1]无锡工艺职业技术学院电子信息系,江苏宜兴214206
出 处:《计算机应用》2013年第10期2835-2837,2864,共4页journal of Computer Applications
摘 要:为解决现有密钥协商协议在云计算环境下的适应性问题,深入分析云计算场景对密钥协商协议的安全需求,结合现有IKEv2协议的安全性能缺陷,采用puzzle机制、密钥材料及身份信息推迟传递等手段对IKEv2进行改进,提出了一种适应云计算网络环境的密钥协商协议IKE-C,有效提升了协议中响应者的抗拒绝服务(DoS)攻击能力,同时解决了中间人攻击导致发起者身份泄露的问题。还对两种协议的收敛时间进行了比较,仿真结果表明,在相同的网络规模下,IKE-C协议的收敛时间低于IKEv2,并且随着客户端数量的增加,其优势逐渐明显。By analyzing security requirement of key agreement in cloud computation environment and the defect of security performance for IKEv2, an improved key agreement protocol IKE-C was proposed in order to solve the problem of adaptability of the existing key agreement protocols in cloud computation environment. Puzzle, key material and delaying the transmission of ID were adopted in order to promote the ability of anti-DoS ( Denial of Service) attack and overcome the problem that sender identity would be leaked because of man-in-the-middle attack. Performance comparison was conducted in the paper. The simulation result indicates that IKE-C gets shorter convergence time than IKEv2 with the same network scale, and performance superiority is more obvious as clients are increasing.
关 键 词:云计算 密钥交换 IKEV2 拒绝服务 发起者身份隐藏
分 类 号:TP393.08[自动化与计算机技术—计算机应用技术]
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在链接到云南高校图书馆文献保障联盟下载...
云南高校图书馆联盟文献共享服务平台 版权所有©
您的IP:216.73.216.186