期刊文献+

认证可信度理论研究 被引量:8

Research on Authentication Trustworthiness Theory
下载PDF
导出
摘要 认证是操作系统安全的基础之一,没有经过用户认证,系统安全的3个基本特性:秘密性、完整性和可用性将会严重地受到破坏.但是由于当前系统在用户认证过程中存在一些不确定性因素,如认证机制的不确定性、认证规则的不确定性和认证结论的不确定性,借鉴专家系统中不确定性推理的思想,提出认证可信度的思想,并给出了认证可信度因子模型.该模型对认证过程存在的不确定性因素给出了度量,针对需要多种认证机制的重要、特殊系统给出了认证可信度因子在多认证机制之间的传播公式,并进行了证明.通过在认证过程中引入认证可信度,可以很好地描述认证过程中的不确定性因素。并且可以更好地增强系统在多种认证机制情况下的安全性. One of the foundations of operating system security is authentication. Without being sure with whom an entity interacts, the three fundamental properties-confidentiality, integrity and availability-can be trivially violated. But there are several uncertainty factors in the user authentication procedure in current operating systems, such as the uncertainties of authentication mechanisms, the uncertainties of authentication rules and the uncertainties of authentication conclusions. This paper borrows the idea of uncertainty reasoning in expert system field, puts forward the thought of authentication trustworthiness, and gives the authentication trustworthiness factor model. The model describes the measure for these uncertainty factors in user authentication procedure. Aiming at some important and especially secure systems needing several authentication mechanisms, this paper gives and demonstrates the parallel propagation formula of authentication trustworthiness factor. After calculating the user's final authentication trustworthiness, the system decides whether the user has passed system authentication. By introducing the thought of authentication trustworthiness into authentication system, it can not only describe the uncertainty factors existing in authentication system very well, but also enhance the security of those systems needing multiple authentication mechanisms very well.
出处 《计算机研究与发展》 EI CSCD 北大核心 2005年第3期501-506,共6页 Journal of Computer Research and Development
基金 国家"八六三"高技术研究发展计划重大软件专项基金项目(2002AA1Z2101)
关键词 可信度 认证可信度 认证可信度因子 trustworthiness authentication trustworthiness authentication trustworthiness factor
  • 相关文献

参考文献6

  • 1V. Samar, C. Lai. Making login services independent of authentication technologies, http://java.sun.com/security/jaas/doc/pam. html, 1995.
  • 2Luo Xudong, Zhang Chengqi. Proof of the correctness of EMYCIN sequential propagation under conditional independence assumptions. IEEE Trans. on Knowl. Data Engineering, 1999,11(2): 355--359.
  • 3Luo Xudong, Zhang Chengqi. To normalize the relationship between the certainty factor model and probability theory, http://eiteseer, nj. nee. com/luo97to. html, 1997.
  • 4Linda van der Gaag. A pragmatical view on the certainty factor model, http://citeseer. nj. nec. com/vandergaag90pragrnatical. html,1990.
  • 5Ma Jun, Liu Jun, Xu Yang. A method of uncertainty reasoning by using information. The 31st IEEE Int'l Symp.Multiple-Valued Logic, Warsaw, Poland, 2001.
  • 6O. Heckman. Probabilistic Interpretations of MYCIN's Certainty Factors. North Holland: Uncertainty in Artificial Intelligence Elserier Science Publishers, 1986. 167--196.

同被引文献65

引证文献8

二级引证文献33

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部