摘要
为了提高对象存储系统的安全性,根据对象存储系统的特点,提出了一套基于椭圆曲线密码体制(ECC)的安全机制.在直接涉及数据存取安全的客户端与对象存储设备(OSD)之间,通过采用双向身份认证、会话密钥协商等安全措施,避免了中间人攻击等多类网络攻击,同时降低了系统对通信信道安全性能的要求.该安全机制不仅保证了对象存储系统的高安全性,而且简化了密钥管理.
In consideration of the feature of the object-based storage system, a set of elliptic curves cryptosystems (ECC) based security mechanism was proposed to improve its security. By setting mutual authentication and key agreement between the client and the object storage device (OSD), which affects the data access security directly, the man-in-the-middle attack and other network attacks could be prevented, and the demand for communication channel security of the storage system was reduced at the same time. It is remarkable that the mechanism proposed can realize the high security of the ob- ject-based storage system and make the key management simpler.
出处
《华中科技大学学报(自然科学版)》
EI
CAS
CSCD
北大核心
2010年第5期5-8,共4页
Journal of Huazhong University of Science and Technology(Natural Science Edition)
基金
国家自然科学基金资助项目(60873028)
关键词
认证
存储
安全
椭圆曲线密码体制
对象
authentication
storage
security
elliptic curves cryptosystems(ECC)
object
