真实应用环境下的PKI信任模型

Trust model for Public Key Infrastructure in the real-world environment

下载PDF

导出

摘要通过为PKI系统建立信任模型,可以更好地了解这一复杂信任体系中各实体间信任关系建立的过程.在现有模型的基础上,引入更加符合真实应用环境的谓词逻辑和信任参数,扩展了原有模型信任推导方法,并给出了新方法下的认证规则和信任规则.同时结合信任度概率模型,分析了各代表性PKI架构信任传递的过程,以及系统架构对实体间信任度的影响.分析的结果对于构建真实应用环境下的PKI系统有一定指导意义. Through reasoning about PKI trust model, researchers can learn more about the establishment and transfer of trust relationships in PKI systems. Based on the existing models, we proposed a set of trust logics with practical predications and trust parameters. By utilizing these logics, we have extended the derive formulas for entity＇s authentication and authorization and analyzed the relationship between PKI structure and trust probabilistic.

作者吴晶晶荆继武王跃武林璟锵刘怡聪

机构地区中国科学技术大学电子工程与信息科学系中国科学院研究生院信息安全国家重点实验室

出处《中国科学院研究生院学报》 CAS CSCD 北大核心 2009年第3期389-399,共11页 Journal of the Graduate School of the Chinese Academy of Sciences

基金国家高技术研究发展计划(863)(2006AA01Z454)资助

关键词 PKI 信任模型概率模型真实应用环境 Public Key Infrastructure （PKI）, trust model, probabilistic model, real-world environment

分类号 TP393.08 [自动化与计算机技术—计算机应用技术]

引文网络
相关文献

参考文献15

1Tarah A, Huitema C. Associating metrics to certification paths. In Computer Security. Springer-Verlag, 1992.175-189
2Beth T, Borcherding M, Klein B. Valuation of trust in open networks. In: Proceedings of the Conference on Computer Security. New York, Springer-Verlag, 1994.3 - 18
3Mended S, Huitema C. A new approach to the X 509 framework: Allowing a global authentication infrastructure without a global trust model; In: Proceedings of the Internet Society Symposium on Network and Distributed System Security. 1995
4Maurer U. Modeling a public-key infrastructure. In: Proceedings of the Conference on Computer Security, Lecture Notes in Computer Science, Berlin: Springer-Verlag, 1996,1146 : 325 - 350
5Wreiter MK, Stubblebine SG. Resilient authentication using path independence. IEEE Transaction on Computers, 1998,47:1351 - 1362
6Howell J, Kotz D. A formal semantics for SPKI. In : Proceedings of the Sixth European Symposium on Research in Computer Security ( ESOBICS 2000). Lecture Notes in Computer Science, Springer-Verlag, 2000,1895 : 140 - 158
7Reiter MK, Stubblebine SG. Authentication metric analysis and design. ACM Transaction on Information and System Security, 1999,2(2) :138 - 158
8Kohlas R, Maurer U. Reasoning about Public-Key certification: on binding between entities and Public Keys. Lecture Notes in Computer Science, Berlin : Springer-Verlag, 1999,1648 : 86 - 103
9Marchesini J, Smith S. Modeling Public Key Infrastructures in the real world. In: Proceeding of EuroPKI 2005. Lecture Notes in Computer Science, Springer-Verlag, 2005,354-5 : 118 - 134
10刘海龙,张其善,吴今培.PKI信任模型的条件谓词逻辑推理[J].通信学报,2002,23(11):14-20. 被引量：3

二级参考文献9

1[1]ISO/IEC 9594-8/ITU-T Recommendation X 509-1997(E), Information Technology - Open Systems Interconnection - The Directory: Authentication Framework[S].
2[2]HOUSLEY R, FORD W, POLK W, et al. RFC-1999, 2459. Internet X 509 Public Key Infrastructure, Certificate and CRL Profile[S].
3[3]MAURER U. Modeling a public-key infrastructure[A]. European Symp Res Computer Security (ESORICS'96)[C]. 1996. 325-350.
4[4]BAKKALI H EL, KAITOUNI B I. A predicate calculus logic for the PKI trust model analysis[A]. IEEE International Symposium on Network Computing and Applications[C]. 2001. 368 -371.
5[5]BAKKALI H EL, KAITOUNI B I. A logic-based reasoning about PKI trust model[A]. Sixth IEEE Symposium on Computers and Communications[C]. 2001. 42-48.
6[6]Pretty good privacy user's guide, version7.0[EB/OL]. Distributed with the PGP software, 2001.
7[7]CHOKHANI S, FORD W. RFC 2527-1999, Internet X 509 Public Key Infrastructure Certificate Policy and Certification Practices Framework[S].
8[8]CHADWICK D W, YOUNG A J, CICOVIC N K. Merging and extending the PGP and PEM trust models - the ICE-TEL trust model[J]. IEEE Networks Mag, 1997, (May): 16-24.
9[9]BURR W E. Public key infrastructure (PKI) technical specifications: part a - technical concept of operations, working draft [EB/OL]. http://csrc.nist.gov/pki/twg/baseline/pkicon20b.pdf, 1998-09-04.

共引文献2

1胡迎松,高功应.一种PKI信任模型逻辑推理的改进方法[J].计算机工程与科学,2007,29(8):7-10.
2张明德,郑雪峰,吕述望.改进的PKI可信度模型[J].小型微型计算机系统,2012,33(2):370-375. 被引量：4

1李林芯.以开放姿态推应用创新 HP8款新打印机新品亮相[J].微电脑世界,2006(8):30-30.
2谢鸿波,周明天.基于概率和条件逻辑的PKI信任模型推理[J].小型微型计算机系统,2006,27(1):69-71. 被引量：3
3高福令,陈福,刘云.公开密钥基础设施及其信任模型[J].中国数据通信,2001,3(5):21-25. 被引量：1
4龚传,刘鹏,宗锐,伊英杰.公钥基础设施PKI信任模型研究[J].计算机安全,2009(4):79-83. 被引量：6
5危国洪,纪方,牛坤.PKI信任模型研究及其在铁路中的应用[J].铁路计算机应用,2004,13(4):8-11. 被引量：1
6任子亭.网络环境下办公安全策略研究与实现[J].计算机安全,2013(6):51-55. 被引量：2
7梅颖.PKI信任模型比较分析[J].湖北师范学院学报（自然科学版）,2010,30(1):18-20. 被引量：3
8周建峰,马玉祥,欧阳雄.PKI信任模型研究[J].电子科技,2006,19(4):75-78. 被引量：7
9李昕,刘建辉,成诚,孟祥幅.基于PKI的P2P信任关系[J].辽宁工程技术大学学报（自然科学版）,2007,26(3):412-414. 被引量：2
10刘英娜,徐向阳,孟洋.PKI信任模型研究[J].计算机安全,2006(10):25-27. 被引量：1

中国科学院研究生院学报

2009年第3期

浏览历史

内容加载中请稍等...

真实应用环境下的PKI信任模型

参考文献15

二级参考文献9

共引文献2

相关作者

相关机构

相关主题

浏览历史