摘要
首先以开放的理念从技术本质的角度提出一种广义隐私计算概念,即隐私计算可以理解为一种在有效保护敏感信息前提下正确实现计算目标的计算范式;然后基于网络身份认证五方体系架构模型,针对身份签发和身份认证2个环节中的敏感信息防护水平,提出网络身份认证中的隐私计算分级方法;最后对基于智能密码钥匙、静态口令和生物特征的3类主流网络身份认证机制进行了隐私计算等级分析,并对不满足隐私计算等级要求的非隐私计算身份认证机制提出了针对性改进方案.
Firstly,this paper proposes a generalized concept of privacy preserving computing from the perspective of technology essence with an open concept,that is,privacy preserving computing can be understood as a computing paradigm that correctly realizes the computing goal under the premise of effectively protecting sensitive information.Then,based on five party architecture model of cyber-identity authentication,aiming at the protection level of sensitive information in the two links of identity issuance and identity authentication,a hierarchical method of privacy preserving computing in cyber-identity authentication is proposed.Finally,the privacy preserving computing level analysis of three kinds of mainstream cyber-identity authentication mechanisms of smart key,static password and biometrics is performanced,and targeted improvement schemes are proposed for non-privacy preserving computing identity authentication mechanisms that do not meet the requirements of privacy preserving computing level.
作者
蒋才平
亢洋
李景华
郭小波
田青
Jiang Caiping;Kang Yang;Li Jinghua;Guo Xiaobo;Tian Qing(The First Research Institute of the Ministry of Public Security,Beijing 100048;National Engineering Research Center of Multidimensional Identification and Trusted Authentication Technology,Beijing 100048)
出处
《信息安全研究》
2022年第9期863-870,共8页
Journal of Information Security Research
基金
国家重点研发计划项目(2021YFB2701300)
公安部公安理论和软科学项目(2021LL57)。
关键词
网络身份认证
隐私计算
基于智能密码钥匙的身份认证
基于静态口令的身份认证
基于生物特征的身份认证
cyber-identity authentication
privacy preserving computing
identity authentication based on smart key
identity authentication based on static password
identity authentication based on biometrics
