Bulletprofs-based Kerberos cross-domain authentication method

An authentication method and domain authentication technology, which is applied in the direction of instruments, electronic digital data processing, digital data protection, etc., can solve the problems of user information leakage and the inability to realize anonymous login and anonymous access of users, so as to reduce the number of interactions, reduce communication traffic, The effect of avoiding leakage

Pending Publication Date: 2021-10-01
成都卓拙科技有限公司
View PDF0 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

But they have a common defect: their identity confirmation is based on the user's submission of proof documents containing their own identity information, that is to say, if users want to prove their legitimacy to other jurisdictions, they must Provide the "identity certificate" issued by the server in this jurisdiction
A

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Bulletprofs-based Kerberos cross-domain authentication method
  • Bulletprofs-based Kerberos cross-domain authentication method
  • Bulletprofs-based Kerberos cross-domain authentication method

Examples

Experimental program
Comparison scheme
Effect test

Example Embodiment

[0131] Example:

[0132] like figure 1 As shown, the Bulletproofs-based Kerberos cross-domain authentication method process in this embodiment includes:

[0133] S1. User C communicates with the authentication server AS in this domain 1 Request to access the application server S of the foreign domain;

[0134] S2, the authentication server AS of this domain 1 After confirming the identity of user C, send user C to access the intra-domain ticket license server TGS of this domain 1 the bill

[0135] S3. User C obtains the ticket according to the To the intra-domain ticket license server TGS 1 Request access to the Outland Ticket Permission Server TGS 2 the bill

[0136] S4, intra-domain ticket license server TGS 1 After confirming the identity of user C, send the access to the foreign domain ticket license server TGS to user C 2 the bill

[0137] S5. User C constructs the parameters of non-interactive Bulletproofs authentication, that is, data that proves his i...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention relates to the technical field of cross-domain authentication, and discloses a Bulletprofs-based Kerberos cross-domain authentication method. During cross-domain authentication, a user can prove own legal identity without submitting a related bill containing own identity information, so that leakage of user identity information is avoided. The method comprises the following steps that: a, a user requests for accessing a server S to a local domain authentication server AS1; b, the AS1 sends a ticket for access of an in-domain ticket-granting server TGS1 to the user; c, the user requests for a ticket for access of an out-domain ticket-granting server TGS2 to the TGS1; d, the TGS1 sends the ticket for accessing the TGS2 to the user; e, the user requests for access the server S to the TGS2 by constructing parameters of the non-interactive Bulletprofs; f, the TGS2 verifies the legality of the user information through a verification method of non-interactive Bulletprofs, and then sends a ticket for accessing the server S to the user; g, the user sends an authentication request to the server S; and h, the server S accepts the authentication of the user and sends a message for establishing communication to the user, and the two parties establish formal communication.

Description

technical field [0001] The invention relates to the technical field of cross-domain authentication, in particular to a Kerberos (a computer network authorization protocol) cross-domain authentication method based on Bulletproofs (a non-interactive zero-knowledge proof protocol). Background technique [0002] When a user accesses resources across domains, since there is no prior trust relationship with the authentication server of the access domain, the authentication server of the access domain needs to cooperate with the authentication server of the user's own domain to authenticate the user. In addition, in the process of cross-domain access, in order to prevent malicious entities from tracking the user's resource access records and sessions, it is necessary to hide the user's real identity during the authentication process and provide anonymous services. The cross-domain authentication scheme in a pervasive environment should satisfy anonymity and untraceability while ach...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): G06F21/64G06F21/62G06F21/60
CPCG06F21/64G06F21/6218G06F21/602
Inventor 刘金松解修蕊施扬闫科李雅俊
Owner 成都卓拙科技有限公司
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap