摘要
传统身份认证过程中所依据的主要是用户口令等相对固定的信息,本文提出了利用用户的系统行为信息进行身份认证的成长性身份认证的概念。与现有的身份认证机制相比,成长性身份认证可以解决密钥分发时的管理员漏洞,使侦听与监视、重放攻击等难以得手,有利于入侵检测,适用于对身份认证安全性要求较高的系统。
Relatively fixed information like password is mainly depended on in traditionalmethods of authentication while a new conceptofauthentication, which using information ofthe users behaviourin the system to authenticate, called Growable Authentication, is lodged in this paper. Compared withauthentication method nowadays,Growable Authentication could resolve the security problem with administrator when distributing the keys.Itmakes it harderto interception or watch, or replay an authentication. It is in favour of detecting inbreak, in point in the systems wich needs high security.
出处
《网络安全技术与应用》
2004年第12期27-29,共3页
Network Security Technology & Application