摘要
为提高网络应用系统的安全性,同时降低系统升级的成本和复杂性,提出了一个基于公钥基础设施(PKI)和U盘的身份认证系统。在系统设计中,以PKI安全体系为基本框架,采用"挑战/应答"协议实现对用户身份的有效确认,使用普通U盘作为数字证书的载体,同时结合双因子验证机制,不但大大节省了应用系统的升级费用,而且保证了数字证书的移动性和安全性,提高了证书使用的便利性。在系统实现中,通过单一文件接口简化了与应用系统的集成过程。
To improve the security of network applications and reduce the cost and complexity of system upgrades, an authentication system based on public key Infrastructure (PKI) and U-disk is proposed. In the design of this system, PKI security system is used as the basic framework, and the "Challenge/Response" protocol is adopted to achieve an effective authentication. Common U-disk is used as the carrier of digital certificates and dual key approach as authentication mechanism, which not only saves the cost of application upgrades, but also ensures the mobility and security of digital certificates and improves the convenience of using certificates. In the implementation of this system, a single file interface is adopted to simplify the process of the integration with applications.
出处
《计算机工程与设计》
CSCD
北大核心
2011年第7期2229-2232,2240,共5页
Computer Engineering and Design
基金
天津师范大学青年基金项目(52LJ11)
