Computer Science ›› 2019, Vol. 46 ›› Issue (2): 115-119.doi: 10.11896/j.issn.1002-137X.2019.02.018

• Information Security • Previous Articles     Next Articles

Hierarchical Hybrid Authentication Model Based on Key Sharing

ZHAO Jiao-jiao, MA Wen-ping, LUO Wei, LIU Xiao-xue   

  1. State Key Laboratory of Integrated Services Networks,Xidian University,Xi’an 710071,China
  • Received:2018-01-04 Online:2019-02-25 Published:2019-02-25

Abstract: With the rapid development of the information age,cloud computing data access security has become the most concerned issue for users.Identity authentication technology is an important means to ensure that participants implement secure communications in an open network environment,and how to use identity authentication technology to escort the cloud environment has become a hot issue for many scholars.This paper proposed a public key infrastructure-identity-based encryption hybrid authentication model scheme by establishing a trust relationship between different cloud services by CA certificate that Public Key Infrastructure (PKI) issued,combining multiple clouds which use Identity Based Encryption (IBE) system,adopting hierarchical identity encryption system,introducing shared key technology,and choosing ring structure.And the security of the scheme was analyzed to prove the feasibility of providing ser-vices based on the identity-based hybrid authentication model in the cloud environment.At the same time,a signcryption technology based on this model was designed to achieve cloud authentication and cross cloud authentication by the public and private key pairs.Performance analysis shows that under the premise of a slight increase in the amount of calculation,the scheme ensures sufficient security,and better satisfies the requirements of users in the cloud environment belonging to different cloud domains and users’ secure access,and solves the problem of data access security in a cloud environment effectively.

Key words: Cloud security, Hierarchical model, IBE, Identity authentication, PKI

CLC Number: 

  • TP309
[1]周洪波.云计算技术、应用、标准和商业模式[M].北京:电子工业出版社,2010.
[2]MELL P,GRANCE T.The NIST Definition of Cloud Computing:Technical Report 800-1450[R].National Institute of Standards and Technology(NIST),2011.
[3]XIE L Z.Cloud computing and cloud computing security over- view[J].Information Security and Communication Confidentiality,2012,23(12):24-25.(in Chinese)
谢灵智.云计算及云计算安全概述[J].信息安全与通信保密,2012,23(12):24-25.
[4]LUO J.Encryption mechanism for access control in cloud computing environment[J].Information Security and Communication Confidentiality,2012(11):44-46.(in Chinese)
罗俊.采用加密机制在云环境中进行访问控制[J].信息安全与通信保密,2012(11):44-46.
[5]ZHU Z Q.Research on Some Theoretical and Key Technologies of Hybrid Cloud Service Security[D].Wuhan:Wuhan University,2011(in Chinese)
朱智强.混合云服务安全若干理论与关键技术研究[D].武汉:武汉大学,2011.
[6]LI H,DAI Y,TIAN L,et al.Identity-Based Authentication for Cloud Computing[C]∥IEEE International Conference on Cloud Computing.Springer,Berlin,Heidelberg,2009.
[7]YAN L,RONG C,ZHAO G.Strengthen Cloud Computing Security with Federal Identity Management Using Hierarchical Identity-Based Cryptography[C]∥IEEE International Confe-rence on Cloud Computing.Springer,Berlin,Heidelberg,2009.
[8]BINU S,MISBAHUDDIN M,RAJ P.A mobile based remote user mutual authentication scheme without verifier table for cloud based services[C]∥Proceedings of the Third International Symposium on Women in Compution and Informatics.New York,2015:502-509.
[9]ZHOU C C,TIAN X L,ZHANG N,et al.Research on Authentication Technology in Cloud Computing[J].Computer Science,2016,43(6A):339-341.(in Chinese)
周长春,田晓丽,张宁,等.云计算中身份认证技术研究[J].计算机科学,2016,43(6A):339-341.
[10]HU Y.Research on the Authentication of Cloud Computing En- vironment[D].Beijing:Beijing University of Technology,2014.(in Chinese)
扈莹.云计算环境的身份认证的研究[D].北京:北京工业大学,2014.
[11]CHEN P L,YANG J H,LIN C I.ID-Based user authentication scheme for cloud computing[J].Journal of Electronic Science and Technology,2013,11(2):221-224.
[12]LI X H,YANG B.Efficient identity-based signature authentication scheme in cloud service[J].Int’l Journal of Advancements in Computing Technology,2013,5(5):867-876.
[13]CAO C L,ZHANG R,ZHANG M Y,et al.IBC-Based entity authentication protocols for federated cloud systems[J].On Internet & Information Systems,2013,7(5):1291-1312.
[14]LEI Y,YANG S P.PKI-based signature mechanism[J].Com- munication Technology,2013(1):43-46.(in Chinese)
雷咏,杨世平.基于PKI的签名机制[J].通信技术,2013(1):43-46.
[15]CUI J K.CPK Based Authentication and Key Management Technology[D].Harbin:Harbin Institute of Technology,2010.(in Chinese)
崔杰克.基于CPK的认证及密钥管理技术研究[D].哈尔滨:哈尔滨工业大学,2010.
[16]TIAN J.Comparative Analysis and Application of PKI and IBC in Hybrid Cloud Service Authentication Technology[J].Computer Security,2014(6):33-35.(in Chinese)
田静.混合云服务身份认证技术PKI和IBC对比分析及应用[J].计算机安全,2014(6):33-35.
[17]LIU T Q.Research and Design of Authentication Service System Based on Identity and Password System in Cloud Environment[D].Zhengzhou:Henan University of Technology,2016.(in Chinese)
刘团奇.云环境下基于身份密码体制的认证服务体系的研究与设计[D].郑州.河南工业大学.2016.
[18]YANG B.IBC and PKI combination of applied research.Information Engineering University[D].Luoyang:Information Engineering University,2009.(in Chinese)
杨斌.IBC和PKI组合应用研究[D].洛阳:解放军信息工程大学,2009.
[19]SHAMIR A.How to share a Secret[J].Communications of the ACM,1979,22(11):612-613.
[20]BLAKLEY G R.Safeguarding cryptographic keys[C]∥Pro- ceedings of the AFIPS.1979:313-317.
[21]JIANG H.Research on key management based on authentication password system in cloud environment[D].Chengdu:Southwest Jiaotong University,2016.(in Chinese)
江昊.云环境中基于身份认证密码体制的密钥管理问题研究[D].成都:西南交通大学,2014.
[22]MA L L.Research on Identity Authentication Based on Combination of PKI and IBE in Hybrid Cloud Computing[D].Yunnan:Yunnan University,2016.(in Chinese)
马丽莉.混合云计算下基于PKI和IBE组合的身份认证机制研究[D].云南:云南大学,2016.
[23]MISHRA R.Anonymous remote user authentication and key agreement for cloud computing [C]∥Proceedings of the 3rd Int’lConference on Soft Computing for Problem Solving.Springer-Verlag,2014:899-913.
[24]DONG Z M,ZHANG L,LI J T.Security enhanced anonymous remote user authentication and key agreement for cloud computing[C]∥Proceedings of the 17th Int’l Conference on Computational Science and Engineering.IEEE Computer Society Press,2014:1746-1751.
[25]WNAG Z H,HAN Z,LIU J Q,et al.Authentication Scheme Based on PTPM and Certificateless Public Key in Cloud Environment[J].Journal of Software,2016,27(6):1523-1537.(in Chinese)
王中华,韩臻,刘吉强,等.云环境下基于PTPM和无证书公钥的身份认证方案[J].软件学报,2016,27(6):1523-1537.
[1] HU Yu-jiao, JIA Qing-min, SUN Qing-shuang, XIE Ren-chao, HUANG Tao. Functional Architecture to Intelligent Computing Power Network [J]. Computer Science, 2022, 49(9): 249-259.
[2] LIU Yang, LI Fan-zhang. Fiber Bundle Meta-learning Algorithm Based on Variational Bayes [J]. Computer Science, 2022, 49(3): 225-231.
[3] CAO Meng, YU Yang, LIANG Ying, SHI Hong-zhou. Key Technologies and Development Trends of Big Data Trade Based on Blockchain [J]. Computer Science, 2021, 48(11A): 184-190.
[4] LENG Feng, ZHANG Ming-kai, YAN Zhi-wei, ZHANG Cui-ling, ZENG Yu. Application of Chinese Cryptographic Algorithm in RPKI [J]. Computer Science, 2021, 48(11A): 678-681.
[5] WU Yu-hong and HU Xiang-dong. Study on Security of Industrial Internet Network Transmission [J]. Computer Science, 2020, 47(6A): 360-363.
[6] CHEN Meng-dong, GUO Dong-sheng, XIE Xiang-hui, WU Dong. Design and Implementation of Rule Processor Based on Heterogeneous Computing Platform [J]. Computer Science, 2020, 47(4): 312-317.
[7] CHENG Qing-feng, LI Yu-ting, LI Xing-hua, JIANG Qi. Research on Application of Cryptography Technology for Edge Computing Environment [J]. Computer Science, 2020, 47(11): 10-18.
[8] LIU Gang, ZHANG Jing, LI Yue-long. Extraction of Palm Vein ROI Based on Maximal Inscribed Circle Algorithm [J]. Computer Science, 2018, 45(8): 264-267.
[9] YIN Qiu-shi, CHEN Jian-hua. Improved Identity Authentication Protocol Based on Elliptic Curve Cryptographyin Multi-server Environment [J]. Computer Science, 2018, 45(6): 111-116.
[10] YANG Dong-ju and FENG Kai. Distributed and Unified Authentication Optimization Mechanism Based on Cache [J]. Computer Science, 2018, 45(3): 300-304.
[11] DONG Jian-kang, TANG Chao, GENG Hong. Correlation-Hierarchy Based Virtual Maintenance Modeling Method for ComplexElectromechanical Components of Aircraft [J]. Computer Science, 2018, 45(12): 192-195.
[12] WU Zhong-zhi. Research on Hierarchical Modeling Technology of Typical System Based on Architecture [J]. Computer Science, 2018, 45(11A): 542-544.
[13] GUAN Zheng, YANG Zhi-jun, QIAN Wen-hua. Improved MAC Protocol in Radio-over-fiber Networks and Its Performance Analysis [J]. Computer Science, 2018, 45(10): 89-93.
[14] LIU Ying-ying, CHENG Shun, DING Shao-gang, LU Pan and SUN Yuan-hao. Garden Tourist Detection Based on Improved ViBe Algorithm [J]. Computer Science, 2017, 44(Z6): 224-228.
[15] CHEN Shu-xin, SUN Wei-min and WANG Li-li. Analysis of Astronomical Spectral Data Based on Grid Clustering [J]. Computer Science, 2017, 44(Z11): 453-456.
Viewed
Full text


Abstract

Cited

  Shared   
  Discussed   
No Suggested Reading articles found!