摘要
针对移动代理和主机的双平面认证问题,在已有移动代理安全问题研究的基础上,研究了安全保护策略,对移动代理携带的重要数据信息进行加密,提出了信誉度的概念,对信誉度进行描述和划分,确定信誉度等级和相应的操作权限,构建主机和移动代理之间的双向信誉度和安全校验认证,利用信誉度等级区分是否为恶意主机或代理,拒绝恶意主机和代理的操作请求,附实例证明了安全保护策略对移动代理安全的作用。
Aiming at the security problem of mobile agent, based on the existing research on mobile agent, this paper studies the security protection policy. The important data and information carried by mobile agent are encrypted, and the conception of creditworthiness is put forward. The creditworthiness is described and divided to confirm the classification and corresponding operation privilege. The bidirectional creditworthiness and security parity-check authentication between the host and mobile agent are constructed. The malicious hosts or mobile agents are distinguished by using creditworthiness classification. The operation requests from the malicious host or mobile agent are refused. Finally, the test results of an instance show that the security protection policy is useful for the security of mobile agent.
出处
《计算机与网络》
2017年第23期62-65,共4页
Computer & Network
基金
国防基础科研计划基金项目资助
关键词
移动代理
信誉度
信誉度等级
操作权限
mobile agent
creditworthiness
creditworthiness classification
operation privilege
