检索规则说明:AND代表“并且”;OR代表“或者”;NOT代表“不包含”;(注意必须大写,运算符两边需空一格)
检 索 范 例 :范例一: (K=图书馆学 OR K=情报学) AND A=范并思 范例二:J=计算机应用与软件 AND (U=C++ OR U=Basic) NOT M=Visual
作 者:黄逸翔 王亚威 陈文轩 张子蛟[2] HUANG Yi-xiang;WANG Ya-wei;CHEN Wen-xuan;ZHANG Zi-jiao(School of Software,Zhengzhou University,Zhengzhou 450000,China;Network Management Center,Zhengzhou University,Zhengzhou 450000,China)
机构地区:[1]郑州大学软件学院,河南郑州450000 [2]郑州大学网络管理中心,河南郑州450000
出 处:《计算机工程与设计》2021年第11期3043-3051,共9页Computer Engineering and Design
摘 要:针对传统PKI体系结构导致的单点故障和多CA(certificate authority)之间互信困难等问题,设计一种基于区块链的PKI系统,将证书及证书操作记录在区块链上存储;设计基于联盟链的PKI跨域认证模型,对X.509证书进行适应性改进,产生区块链证书,提出跨域认证协议,通过模拟实验验证方案的可行性。验证结果表明,该方法降低CA体系对中心和根依赖的同时,跨域认证的效率得到了有效提高。Aiming at the problem of single point of failure caused by traditional PKI architecture and the difficulty of mutual trust between multiple CAs(certificate authority),etc.,a PKI system based on blockchain was designed to store certificates and certificate operations on the blockchain.A PKI cross-domain authentication model based on alliance chain was designed.The X.509 certificate was improved adaptively to generate the blockchain certificate,and the cross-domain authentication protocol was proposed.The feasibility of the scheme was verified by simulation experiments.The verification results show that the CA system reduces the dependence on the center and root,and improves the efficiency of cross-domain authentication.
关 键 词:区块链技术 PKI体系 CA跨域认证 区块链证书体系 哈希存储
分 类 号:TP393[自动化与计算机技术—计算机应用技术]
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在链接到云南高校图书馆文献保障联盟下载...
云南高校图书馆联盟文献共享服务平台 版权所有©
您的IP:3.140.242.43
