Unlock instant, AI-driven research and patent intelligence for your innovation.

Security enhancement method of iscsi protocol based on diffie-hellman protocol

A protocol security and protocol technology, applied in the field of data security, which can solve the problems of difficult originating end fine-grained access control, password leakage, and inability to revoke originating end access rights.

Active Publication Date: 2021-06-08
BEIJING INST OF COMP TECH & APPL
View PDF1 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

Although the above two access control mechanisms extended by the iSCSI protocol solve the problem of password leakage in CHAP authentication, these two mechanisms require multiple encryption and decryption operations on the target side to determine whether to allow the login request from the originating side.
In addition, neither of these two mechanisms can revoke the originator's access to logged-in storage resources, and it is difficult to implement fine-grained access control for each originator

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Security enhancement method of iscsi protocol based on diffie-hellman protocol
  • Security enhancement method of iscsi protocol based on diffie-hellman protocol
  • Security enhancement method of iscsi protocol based on diffie-hellman protocol

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0065] In order to make the purpose, content, and advantages of the present invention clearer, the specific implementation manners of the present invention will be further described in detail below in conjunction with the accompanying drawings and embodiments.

[0066] The safety enhancing method of the iSCSI protocol based on the improved Diffie-Hellman protocol of the present invention includes two authentications: identity authentication based on public key certificates and authorization authentication based on capability certificates. When performing the first authentication, the originating end first sends the request and the public key certificate to the authentication server, and the authentication server uses the public key certificate to complete the identity authentication of the originating end, and on this basis judges according to its stored access control list After the request is legal, a capability certificate is issued to the originator. When performing the se...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses an iSCSI protocol security enhancement method based on the Diffie-Hellman protocol, which includes: the originating end sends its own public key certificate, request and digital signature to the authentication server; the authentication server identifies the originating end by Authenticate and authorize the request; the authentication server sends the ciphertext encrypted by the public key of the originator to the private part of the certificate together with the public part of the certificate to the originator of the request; the originator calculates the message authentication code and combines it with the certificate by The public part is sent together with the specified target; the target receives the authentication code and certificate from the public part and then authorizes and authenticates the originator’s request; the target responds to the originator’s request according to the authorization and authentication results; regularly refreshes the shared secrets used one by one key.

Description

technical field [0001] The invention relates to the technical field of data security, in particular to an iSCSI protocol security enhancement method based on the Diffie-Hellman protocol. Background technique [0002] Currently, the iSCSI protocol mostly uses the CHAP authentication protocol to control access to storage resources. However, in CHAP authentication, the user name and password are stored on the target side in plain text, which may be illegally obtained by insiders or hackers. In addition, this authentication method uses periodic authentication to resist channel insertion attacks, but it usually encounters difficulties in choosing a specific period interval. Too long a period interval will leave opportunities for intruders; too short a period interval will increase the calculation of both authentication parties. quantity. At the same time, when fine-grained access control is to be implemented for each originator, the administrator needs to manually create a user...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Patents(China)
IPC IPC(8): H04L9/32H04L29/06
CPCH04L9/3242H04L9/3249H04L9/3263H04L63/0823H04L63/102H04L63/126
Inventor 喻崇仁田鹏陕振
Owner BEIJING INST OF COMP TECH & APPL