摘要
鉴于现在的网络越来越复杂,其中,用户数量大、服务类型多、安全机制不统一的特点决定了SOA环境中异构多域的情况,给出了一种基于模糊理论的信任管理方法,并将该方法与证书转换服务结合起来提出了一种SOA环境中的跨域认证方案,在该方案中,用户域使用信任管理方法来保证安全性,服务域结合信任管理与证书认证来保证安全性,并且用户可以透明地访问采用不同底层安全机制的域中服务,实现安全跨域认证。分析表明,该方案具有安全与普适的优势,可以满足SOA环境下身份认证的需求。
For the network nowadays becoming more and more complex, the SOA environment has the properties of heterogeneous and multiple domain. A trust management scheme was proposed based on the fuzzy theory, and a cross-domain identity authentication in SOA was constructed by the combining of the trust management scheme with the credential transform service. During the authentication, a user'domain used the trust management scheme to guarantee its security, and the service provider's domain used both the trust management and credential to ensure its security. Furthermore, the credential transform made users can access services in the domains whose security mechanism was different from the users'. It is shown that the proposed authentication scheme has superiority in both security and pervasive, and is suitable for the SOA environment.
出处
《网络与信息安全学报》
2016年第11期21-29,共9页
Chinese Journal of Network and Information Security
基金
国家自然科学基金资助项目(No.61602360
No.61602365)
国家高技术研究发展计划("863"计划)基金资助项目(No.2015AA017203
No.2015AA016007)
促进海峡两岸科技合作联合基金资助项目(No.U1405255)~~
关键词
SOA
跨域
身份认证
信任管理
模糊理论
证书转换
SOA, cross-domain, identity authentication, trust management, fuzzy theory, credential transform
