Information service entity identity management system and quick identity revocation method

An information service and identity identification technology, applied in the field of information security, that solves the problems of management systems that do not use identity identification, complex calculation, and lack of real-time performance, achieving improved manageability, fast revocation, and efficient unified management and certification.

Active Publication Date: 2018-11-02
XIDIAN UNIV

AI Technical Summary

Problems solved by technology

However, in this scheme, the SEM needs to repeatedly verify the message and the user in each signature operation, which makes the calculation too complicated, and the scheme is only proven secure against internal attacks, which is a weak semantic security concept.
[0005] Currently, existing identity management systems cannot quickly revoke invalid or illegal identities. The commonly used revocation technology is to attach the validity period of the identity to the public key of the entity, which not only requires knowing the expiry date of the validity period in advance, but also is not real-time.
Although a fast revocation scheme based on arbitration has been proposed, it has not been used in an identity management system, and the existing fast revocation scheme still has certain defects in security and calculation.

Examples

Embodiment 1

[0027] At present, information services have penetrated into every field of society and are playing an increasingly important role. While abundant network information service resources bring great convenience to people, security problems are also increasing day by day. In view of the lack of management and verification mechanisms for information services in the current Internet environment, poor behavior supervision and traceability, etc., the identity management system of information service entities and the rapid revocation method for identities are important technologies for assuring the credibility of information services in the network. However, existing identity management systems cannot quickly revoke invalid or illegal identities. The commonly used revocation technology is to attach the validity period of the identity to the public key of the entity, which not only requires knowing the expiry date of the validity period in advance, but also is not real-time. ...

Embodiment 2

[0032] The identity management system of the information service entity is the same as that in Embodiment 1; see Figure 2. In the present invention, the private key generator PKG, located in the identification issuing organization, divides the private key of the information service entity ISE into two parts. It sends the first private key to the security arbitration unit SEM in the key revocation module for safekeeping, and sends the second private key to the information service entity ISE for storage. The information service entity ISE sends a signature request to the security arbitration unit SEM, and the security arbitration unit SEM returns a signature signaling to the information service entity ISE. Ordering the security arbitration unit SEM to stop sending signature signaling to the information service entity ISE revokes the signature capability of the ISE, and thereby revokes the identity of the information service entity ISE.
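The split-key flow of [0032], as an added example that is not code from the patent: a two-party Schnorr signature over a toy discrete-log group stands in for the patent's elliptic-curve scheme, whose formulas are not reproduced on this page. The group parameters, the `SEM` class, and all function names are assumptions made for illustration.

```python
import hashlib
import secrets

# Toy Schnorr group (constructed, far too small for real use): P = 2N + 1,
# and G generates the subgroup of prime order N.
P, N, G = 2039, 1019, 4

def h(R, msg):
    """Hash the joint commitment R and the message to a challenge in Z_N."""
    digest = hashlib.sha256(f"{R}|".encode() + msg).digest()
    return int.from_bytes(digest, "big") % N

def pkg_keygen():
    """PKG: draw a private key x in [1, N-1] and split it as x = x_sem + x_ise mod N."""
    x = secrets.randbelow(N - 1) + 1
    x_sem = secrets.randbelow(N)
    return pow(G, x, P), x_sem, (x - x_sem) % N

class SEM:
    """Security arbitration unit: keeps the first key halves and the revocation set."""
    def __init__(self):
        self.halves, self.revoked = {}, set()

    def signaling(self, ise_id, msg, R_ise):
        # Revocation takes effect here: no signaling means no complete signature.
        if ise_id in self.revoked:
            raise PermissionError(f"{ise_id} is revoked")
        k = secrets.randbelow(N - 1) + 1
        R = (pow(G, k, P) * R_ise) % P          # joint commitment
        return R, (k + h(R, msg) * self.halves[ise_id]) % N

def ise_sign(sem, ise_id, x_ise, msg):
    """ISE: send a signature request, then add its own partial signature."""
    k = secrets.randbelow(N - 1) + 1
    R, s_sem = sem.signaling(ise_id, msg, pow(G, k, P))
    return R, (s_sem + k + h(R, msg) * x_ise) % N

def verify(pub, msg, sig):
    """Verification server: accept iff G^s == R * pub^e (mod P)."""
    R, s = sig
    return pow(G, s, P) == (R * pow(pub, h(R, msg), P)) % P
```

Neither half alone is the private key: the verifier only ever checks the sum of the two partial signatures, so adding an identifier to `revoked` ends that entity's ability to produce new signatures at the next request.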

[0033] In the pr...

Embodiment 3

[0035] The present invention is also a method for quickly revoking the identity of an information service entity. It can be realized on the above-mentioned identity management system of the information service entity, and can also be realized by adding a security arbitration unit to other identity management systems. If it is implemented on the identity management system of the information service entity, that system is the same as in Embodiments 1-2.

[0036] See Figure 3 and Figure 4. The method for quickly revoking the identity of the information service entity of the present invention includes the following steps:

[0037] Step 1: System initialization: use the parameter generation algorithm (Setup) to realize system initialization; see Figure 3.

[0038] The private key generator PKG generates a random number s∈[1,N-1] as the system master key, and substitutes the system master key s into the system public key generation f...

Abstract

The invention discloses an information service entity identity management system and a quick identity revocation method, which can solve the problem of instant revocation of an entity identity. A key revocation module is added to an identity management system, and the key revocation module includes a security arbitration unit, which can quickly revoke the identity of an information service entity when the services of the information service entity are invalid or illegal. The implementation of the quick revocation method includes the following steps: system initialization is performed, and key generation and segmentation for the information service entity is performed; the information service entity and the security arbitration unit cooperate, each using its part of the private key, to implement the signature of a message; and a verification server verifies the signature of the message to achieve unified management and authentication of network space information service entity identities. According to the scheme of the invention, an invalid or illegal identity can be quickly revoked, the computational security is based on the difficulty of solving discrete logarithms on elliptic curves, quick revocation can be realized together with high security, and the scheme is suitable for network environments with high security requirements.

Description

Technical field

[0001] The invention belongs to the technical field of information security, and mainly relates to the identity management of information service entities, in particular to an information service entity identity management system and a rapid identification revocation method, which can be used for quality monitoring of information services.

Background technique

[0002] In view of the characteristics of the current Internet environment (diverse types of information services, overlapping service content boundaries, multi-mode service formats, and dynamic service cycles), as well as the lack of management and verification mechanisms for information services, poor behavior supervision and traceability, etc., the unified management of the identity of information service entities has become the technical guarantee for the credibility of information services in cyberspace. How to realize the unified management requirements of diverse network information service labe...

Application Information

IPC(8): H04L29/06, H04L9/32, H04L9/08
CPC: H04L9/0891, H04L9/3247, H04L63/08
Inventor: 马文平, 谢艳容
Owner: XIDIAN UNIV