零信任环境下的多层次身份认证数据流安全检测算法  被引量：3

作　　者：顾健华 冯建华[1] 高泽芳 文成江 GU Jianhua;FENG Jianhua;GAO Zefang;WEN Chengjiang(Department of Computer Science and Technology,Tsinghua University,Beijing 100084,China;China Mobile Group Device Co.,Ltd.,Beijing 100053,China)

机构地区：[1]清华大学计算机科学与技术系,北京100084 [2]中国移动通信集团终端有限公司,北京100053

出　　处：《现代电子技术》2025年第1期85-89,共5页Modern Electronics Technique

摘　　要：身份认证数据流中的敏感信息可能在传输过程中被攻击者截获,并用于恶意目的,导致隐私泄露、身份盗用等风险,为确保网络安全性,提高主体身份认证安全性,提出零信任环境下的多层次身份认证数据流安全检测算法。采用改进的文档指纹检测算法实现多层次身份认证过程中主体和客体交互数据流安全监测。通过Rabin-Karp算法实现身份认证数据文档的分块,采用Winnow算法划分身份认证数据分块文档边界后,得到身份认证数据文档指纹,将其与指纹库中的指纹进行匹配对比,识别出多层次身份认证数据流中的异常数据,实现多层次身份认证数据流安全检测。实验结果表明,该算法具有较好的身份认证数据流安全检测能力,有效地降低了网络威胁频率,提升了网络安全性。The sensitive information in identity authentication data flow may be intercepted by attackers during transmission and used for malicious purposes,leading to risks such as privacy leakage and identity theft.To ensure network security and improve the security of subject identity authentication,a multi-level identity authentication data flow security detection algorithm in zero trust environment is proposed.An improved document fingerprint detection algorithm is adopted to achieve secure monitoring of the interaction data flow between the subject and object in the process of multi-level identity authentication.The Rabin-Karp algorithm is used to partition the identity authentication data documents.After partition the document boundaries of the authentication data blocks by Winnow algorithm,the fingerprint of the identity authentication data document is obtained.The obtained fingerprint is matched and compared with that in the fingerprint database,so as to identify the abnormal data in the multi-level identity authentication data flow and realize the security detection of the multi-level identity authentication data flow.The experimental results show that the proposed algorithm has good security detection capabilities for identity authentication data flow,effectively reducing the frequency of network threats and improving network security.

关 键 词：零信任 多层次身份认证 数据流安全检测 文档指纹检测算法 Rabin-Karp算法 WINNOW算法 

分 类 号：TN919-34[电子电信—通信与信息系统] TP309.2[电子电信—信息与通信工程]