检索规则说明:AND代表“并且”;OR代表“或者”;NOT代表“不包含”;(注意必须大写,运算符两边需空一格)
检 索 范 例 :范例一: (K=图书馆学 OR K=情报学) AND A=范并思 范例二:J=计算机应用与软件 AND (U=C++ OR U=Basic) NOT M=Visual
名 称:
注 释:
机构地区:[1]西南交通大学信息科学与技术学院,四川成都610031
出 处:《通信学报》2014年第10期155-164,共10页Journal on Communications
基 金:国家自然科学基金资助项目(60773102);国家自然科学基金与中国工程院联合基金资助项目(U0970122)~~
摘 要:通过对SE-BGP(security enhanced BGP)的研究与分析,发现此方案不仅无法认证动态变化的跨联盟AS(autonomous system),也无法抵御其自身所发起的主动攻击。为了解决SE-BGP存在的安全问题,设计了二层跨联盟等级结构CAHS(cross-alliance hierarchical structure),基于CAHS结构,借鉴护照签证思想,利用递增散列——Ad HASH(additive hash)的特性提出了一种跨联盟安全机制SCA-BGP(secure crossing alliance for BGP)。该机制具有更高的安全性,可以有效地认证跨联盟AS的身份及行为授权,还可对其所携带的信息进行安全验证。实验分析表明,SCA-BGP可以有效地减少所需证书的规模和额外的时间开销,具有更好的可扩展性和网络收敛性能。Through studying and analyzing SE-BGP (security enhanced BGP), it was found that it couldn't validate thecross-alliance AS (autonomous system) and defense the self-lannched active attack. To solve the security problems,two-layer cross-alliance hierarchical structure CAHS (cross-alliance hierarchical structure) was designed. Based onCAHS, using the idea of passport visa and the features of AdHASH (additive hash), a cross-alliance BGP securitymechanism SCA-BGP (secure crossing alliance for BGP) was proposed. The mechanism has higher security, which isable to effectively validate the identities and behavior authorization of the cross-alliance AS as well as the message car-ried by them. The experiment results show that SCA-BGP can effectively reduce the certificate scale and extra time over-head to get better scalability and convergence performance.
关 键 词:递增散列
分 类 号:TP393[自动化与计算机技术—计算机应用技术]
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在链接到云南高校图书馆文献保障联盟下载...
云南高校图书馆联盟文献共享服务平台 版权所有©
您的IP:216.73.216.43