摘要
本文根据ISO制定的OSI安全结构,提出了一种解决intranet安全性问题的全面安全模式,并设计了一个适用于Internet环境的认证与密钥分配协议;新协议采用分层机制,在低层利用intranet本地网的已有认证与密钥分配协议,在高层则采用双钥密码体制来设计跨intranet的认证与密钥分配协议。新协议与已有密码协议有很好的兼容性,且不降低原协议的安全性,并为in-tranet的各种远程访问提供安全保护。
A complete solution to the security of Intranet has been proposed according to the OSI Security Architecture. An new hierarchical authentication and key distribution protocol has also been presented to implement authentication and key distribution for the remote access between different Intranets, which adopts Kerberos authentication protocol at the lower layer and designs an new authentication and authenticated key exchanges protocol using public key cryptosystem at the upper layer. The new protocol is compliant well with authentication protocols available in the primitive networks and does not affect their security. The new protocol can be used in all kinds of remote access applications, thus it is easy to manage the security of entire Intranet network.
出处
《通信学报》
EI
CSCD
北大核心
1997年第12期83-88,共6页
Journal on Communications
基金
国家自然科学基金
电科院基金
