Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

A cross-trust domain authentication method for distributed network system

A distributed network and authentication method technology, applied in the field of cross-trust domain authentication, can solve the problems of system efficiency bottleneck, difficult hardware implementation, and inability to effectively solve cross-domain interactive authentication, so as to avoid creation and maintenance costs and reduce operating costs Effect

Inactive Publication Date: 2017-04-12
SOUTHWEST JIAOTONG UNIV
View PDF3 Cites 2 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

However, it is not easy to find a trusted third party that all domains trust in the actual environment, and the cost of temporarily establishing and maintaining a third-party bridge certification authority is relatively high
[0004] Document 2 "An Improved Virtual Enterprise Security Interaction Model Based on Threshold RSA Signature" (Zhang Wenfang, Wang Xiaomin, He Dake. Computer Research and Development, 2012, 49(8): 1662-1667) proposed a virtual enterprise-oriented cross- Domain authentication method, by building a virtual authentication center trusted by all member enterprise domains, to complete cross-domain authentication between entities in different trust domains, which reduces system operating costs to a certain extent, but the virtual authentication center cannot fully realize bridge authentication The role of the center
At the same time, this method uses the threshold RSA signature system to realize the creation, operation and maintenance of the virtual certification center. Due to the particularity of the RSA key structure, it must introduce a special key distribution organization to complete the generation and distribution of the virtual certification center key. The key distribution organization is likely to become a system security bottleneck, so there is a hidden danger of private key leakage of the virtual certification center
In addition, because the method is implemented by the RSA public key cryptographic algorithm, compared with the elliptic curve cryptosystem, its bit security and operating efficiency are lower, the key is longer, and the communication volume is larger.
Document 3 "Virtual Enterprise Security Interactive Authentication Scheme Against Alliance Attacks" (Zhang Yaling, Zhang Jing, Wang Xiaofeng. Computer Integrated Manufacturing System-CIMS, 2008, 14(7): 1410-1416 "gives a threshold-based DSA signature system Compared with the elliptic curve cryptosystem, the virtual authentication center cross-domain authentication method also has the problems of low bit security, low operating efficiency, long key, and large communication volume.
Since the certificate issuance process of this method must require the leader's enterprise domain to participate, when the leader cannot provide services in time due to busy business and other reasons, it will become a bottleneck in the efficiency of the system operation
In addition, this method cannot resist collusion attacks from internal members of the virtual enterprise
In summary, the above-mentioned cross-domain authentication method based on the virtual authentication center has the following disadvantages: the virtual authentication center cannot fundamentally realize the role of the bridge authentication center, the system cannot realize distributed operation, and there are certain security and efficiency bottlenecks. DSA and RSA signatures are constructed, so there are problems such as low bit security, low efficiency, long keys, large communication volume, and difficult hardware implementation, which cannot effectively solve the dynamic distributed system under the condition of limited terminal resources or communication bandwidth. cross-domain interactive authentication

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • A cross-trust domain authentication method for distributed network system
  • A cross-trust domain authentication method for distributed network system
  • A cross-trust domain authentication method for distributed network system

Examples

Experimental program
Comparison scheme
Effect test

Embodiment

[0064] see figure 1 , an embodiment of the present invention is a cross-trust domain authentication method for a distributed network system, and the specific steps are as follows:

[0065] A. Creation of the Virtual Bridge Certification Center

[0066] A1. All members of the distributed network system trust domain D i (i=1,2,...,m) Common parameters of the system are jointly selected: the elliptic curve E on the finite field GF of the cryptographic algorithm and the q-order base point P on the elliptic curve E, the secret sharing threshold t, where i is the serial number of the member trust domain, m is the number of member trust domains, and q is the large prime factor of the order of the elliptic curve E;

[0067] A2. All members trust domain D i According to the organizational model of the distributed network system and the cooperative relationship between the trust domains, negotiate and publish the trust domain D of each member i The permission set V i ,Satisfy Amo...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses a cross-trust domain authentication method for a distributed network system. The method adopts a distributed key generation based on an elliptic curve cryptosystem and a threshold signature mechanism to construct a virtual bridge authentication center VBCA, and uses the virtual bridge authentication center to VBCA completes the cross-domain interactive authentication between different trust domain entities in the distributed network system. The inventive method is universal to various organizational structures, agile and dynamic, low cost, short authentication path, high bit security, high efficiency and easy hardware It is beneficial to solve the problem of cross-domain interactive authentication between entities in different trust domains in a dynamic distributed network system with limited terminal resources or communication bandwidth. In cloud computing and cloud storage networks, Internet of Things, wireless sensor networks, It has broad application prospects in agile manufacturing systems and virtual organizations.

Description

technical field [0001] The invention relates to a cross-trust domain authentication method for a distributed network system. Background technique [0002] With the rapid development of information technology and the widespread popularization of network applications, distributed applications in a cross-domain large-scale network environment have gradually become a new focus issue in the IT industry and academia because of their intensification, scale and high scalability. In dynamic distributed network applications such as cloud computing and cloud storage networks, Internet of Things, wireless sensor networks, agile manufacturing systems, and virtual organizations, collaboration across regions and trust domains is inevitable, and there are frequent interactions or large-scale interactions between multiple systems. Scale data flow. In order to ensure the safe and efficient sharing of data between systems in different trust domains that are dynamically loosely coupled, it is ...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Patents(China)
IPC IPC(8): H04L9/32H04L29/06
Inventor 张文芳王小敏
Owner SOUTHWEST JIAOTONG UNIV
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products