东北大学学报(自然科学版)

东北大学学报(自然科学版) ›› 2011, Vol. 32 ›› Issue (5): 638-641.DOI: -

• 论著 • 上一篇    下一篇

一种基于PKI技术的跨异构域认证模型

姚瑶;王兴伟;蒋定德;周福才;   

  1. 东北大学信息科学与工程学院;
  • 收稿日期:2013-06-19 修回日期:2013-06-19 发布日期:2013-04-04
  • 通讯作者: -
  • 作者简介:-
  • 基金资助:
    国家自然科学基金资助项目(61070162,71071028,60802023,70931001);;

A PKI-based cross heterogeneous domain authentication model

Yao, Yao (1); Wang, Xing-Wei (1); Jiang, Ding-De (1); Zhou, Fu-Cai (1)   

  1. (1) School of Information Science and Engineering, Northeastern University, Shenyang 110819, China
  • Received:2013-06-19 Revised:2013-06-19 Published:2013-04-04
  • Contact: Yao, Y.
  • About author:-
  • Supported by:
    -

RichHTML

0

PDF (PC)

815

摘要: 针对PKI域和Kerberos域难于相互认证,提出了一种主要基于PKI技术的跨异构域认证模型,并详细设计了不同域中的用户跨异构域访问资源的认证过程.该模型能够实现PKI信任域和Kerberos信任域间的跨域认证,并支持双向认证.对方案中的协议模型进行分析,结果表明,该方案具有较好的兼容性、扩展性、可靠性、并行性、安全性,证明本模型适用于在以PKI为主的较大规模的网络环境中实现PKI域和Kerberos域的跨域认证.

关键词: 跨域认证, 异构域, PKI, Kerberos, 网络安全

Abstract: A new cross heterogeneous domain authentication model based primarily on PKI is proposed. Detailed authentication processes are designed when users access resources across heterogeneous domains in different domains. Cross-domain authentication between PKI and Kerberos domains can be accomplished, and mutual authentication is supported. Analysis was conducted on the protocol model. Theoretical analysis shows that the proposed scheme has good compatibility, expansibility, reliability, parallelism, and security. Thus, this model is suitable for PKI-based large-scale network environments for achieving cross-domain authentication between PKI and Kerberos domains.

中图分类号: