A method to realize a global network real name system based on ID authentication

Abstract

A method to realize a global network real name system based on ID authentication is to classify network user identity authentication at each network into two types, establish one-to-one domestic authentication center at each website to provide authentication service for domestic network users when they logon domestic websites, establish 10-30 international authentication centers in the country to provide third-party centralized authentication service for foreign network users (from other countries or regions) when they access and logon domestic websites, adopt ID authentication means to solve the 'bottleneck' of mass authentication of authentication centers, update and maintain the network user authentication parameters of domestic authentication centers through the encrypted transmission established between the network real name system association (or society) of each country and domestic website technicians, and meanwhile update and maintain the network user authentication parameters of international authentication center of each country through encrypted transmission established between the network real name system associations (or societies) of different countries, thus realizing a global network real time system.

Description

Technical field: [0001] The present invention relates to the field of information security, and uses computer network, cipher and chip technology to establish identity authentication and digital signature protocols. Background technique: [0002] At present, there are two types of network identity authentication technologies used by countries all over the world. One is authentication protocols established based on non-cryptographic algorithm technologies such as RADIUS, secret protection (dynamic password), etc., and the second type is authentication protocols established based on cryptographic algorithm technologies. , such as: KERBEROS, PPP, PKI and IBE, because the first type of authentication protocol does not use a cryptographic algorithm, its security performance is relatively low, and it is not suitable for establishing an international network real-name system. The second type of authentication protocol uses a cryptographic algorithm, and its security performance is r...

AI Technical Summary

Problems solved by technology

[0002] At present, there are two types of network identity authentication technologies used by countries all over the world. One is authentication protocols established based on non-cryptographic algorithm technologies such as RADIUS, secret protection (dynamic password), etc., and the second type is authentication protocols established based on cryptographic algorithm technologies. , such as: KERBEROS, PPP, PKI and IBE, because the first type of authentication protocol does not use a cryptographic algorithm, its security performance is relatively low, and it is not suitable for establishing an international network real-name system. The second type of authentication protocol uses a cryptographic algorithm, and its security performance is relatively high. KERBEROS It is an authentication protocol based on "tickets" and established using a symmetric cryptographic algorithm. It has high security performance. However, the daily registration and management of "tickets" in KERBEROS is cumbersome, and the cost of key update and maintenance is high. PPP is an authentication protoc

Images