检索规则说明:AND代表“并且”;OR代表“或者”;NOT代表“不包含”;(注意必须大写,运算符两边需空一格)
检 索 范 例 :范例一: (K=图书馆学 OR K=情报学) AND A=范并思 范例二:J=计算机应用与软件 AND (U=C++ OR U=Basic) NOT M=Visual
机构地区:[1]西安电子科技大学,陕西西安710100 [2]北京电子科技学院,北京100070
出 处:《计算机技术与发展》2016年第3期140-143,共4页Computer Technology and Development
基 金:中央办公厅基本科研业务费(2015XS1-HRL)
摘 要:针对在使用公共网络资源情况下,中小型企业采用SIP构建的Presence/IM业务存在的注册劫持和注册删除的隐患,提出了一种基于RSA和DES结合的环签名安全匿名认证方案。方案首先构建一个可信域,公开域内的所有用户的公钥,然后在SIP的注册和注销过程中添加环签名认证,在整个过程中,不需要第三方参与验证,用户对于服务器是匿名的,服务器只能判断请求是否来自可信用户群,而无法从签名中获得用户身份。相比于其他常用的安全认证,环签名除了能够有效认证签名的合法性,无条件的匿名性也可以保护用户信息,在云计算等公共网络环境中减少用户信息的泄露,同时具有部署效率高,证明过程便捷的优势。最后通过运算证明方案的正确性,构建安全模型说明了方案的安全性和可行性,并采用Open SSL验证方案的效率。Under the public network, the Presence/IM established by small and middle sized enterprises with SIP exists the risks of registration hijacking and registration deleting. Aiming at this hidden danger,a security authentication scheme using ring signature based on a combination of RSA and DES is proposed. First,it builds a trusted domain and public the public key to the users in the domain. Then the scheme adds the ring signature to SIP registration and deregistration process,without the third party. For the server,users are anonymous and just knew in the domain. Compared with other security authentication, the ring signature not only ensures the legality of users, but also provides anonymity to protect user information, which will be reduced in the cloud and other public network. At the same time, it has efficient deployment and convenient proof. Last, it proves the correctness by computing in this paper, also shows the safety and feasibility by building security model. In addition, the efficiency of the scheme is verified by using OpenSSL.
分 类 号:TP302.1[自动化与计算机技术—计算机系统结构]
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在链接到云南高校图书馆文献保障联盟下载...
云南高校图书馆联盟文献共享服务平台 版权所有©
您的IP:216.73.216.117
