基于区块链的异构身份联盟与监管体系架构和关键机制  被引量：8

作　　者：董贵山[1] 张兆雷 李洪伟 白健 郝尧 陈宇翔 DONG Gui-shan;ZHANG Zhao-lei;LI Hong-wei;BAI Jian;HAO Yao;CHEN Yu-xiang(No.30 Institute of CETC,Chengdu Sichuan 610041,China;Westone Information Industry Inc.,Chengdu Sichuan 610041,China;School of Computer Science and Engineering,University of Electronic Science and Technology of China,Chengdu Sichuan 611731,China)

机构地区：[1]中国电子科技集团公司第三十研究所,四川成都610041 [2]成都卫士通信息产业股份有限公司,四川成都610041 [3]电子科技大学计算机科学与工程学院(网络空间安全学院),四川成都611731

出　　处：《通信技术》2020年第2期401-413,共13页Communications Technology

基　　金：国家重点研发计划项目（No.2017YFB0802300）;四川省科技计划项目（No.2017GZDZX0002）~~

摘　　要：网络身份管理是网络空间安全防护的重要组成部分。随着信息技术和应用的发展,面对海量异构的身份管理、跨网跨域信任服务和身份隐私保护需求,传统中心式的网络身份管理体系和机制存在身份管理平台多样且互通性差、跨域身份管理可信评价难、身份隐私信息易泄露及多态跨域网络实体行为监管困难等诸多问题。基于区块链技术设计异构身份联盟与监管体系,以网络身份管理系统作为联盟链节点,为异构的网络身份提供统一身份标识、属性登记和跨域核验、实体可信度动态评价、身份隐私保护以及实体行为监管等关键技术机制;为融合已存在的多种异构身份管理系统,打造身份提供方、监管方和用户之间的和谐共生关系,提出了一种新的解决思路。Network identity management is an important part of cyberspace security protection.With the development of information technology and applications,and faced with massive heterogeneous identity management,cross-network and cross-domain trust services,and identity privacy protection requirements,traditional centralized network identity management systems and mechanisms have many problems such as the diversity of identity management platforms and poor interoperability,poor credibility evaluation cross-domain identity management,easy leakage of identity and privacy information,and difficulties in regulating the behavior of polymorphic cross-domain network entities.Based on blockchain technology,a heterogeneous identity alliance and supervision system is designed,and with network identity management system as the node of the alliance chain,the providing of unified identity,attribute registration and crossdomain verification,dynamic evaluation of entity credibility,identity privacy protection,entity behavior supervision and other key technical mechanisms for heterogeneous network identity is done.At the same time,a new solution is proposed for the integration of existing heterogeneous identity management systems to create a harmonious symbiotic relationship of between identity providers,supervisors and users.

关 键 词：异构身份联盟 统一身份标识 联盟链 跨域访问 

分 类 号：TP311[自动化与计算机技术—计算机软件与理论]