摘要
虚拟桌面技术将用户与资源分离,有助于终端安全的解决和资源利用率的提高,也为资源的集中管理提供了便利,但虚拟化技术的引入也使得虚拟桌面存在其特有的安全隐患。身份认证是解决虚拟桌面安全问题的关键技术,也是实施更复杂和细粒度的安全防护措施的基础。首先介绍了组合公钥CPK的基本原理,然后针对虚拟桌面的特点,基于CPK给出了虚拟资源申请和虚拟资源应用两种场景下的身份认证方法,并通过联合标识实现了用户与虚拟资源的绑定,最后给出了所提方法的安全性和实用性分析。
Virtual desktop technology separates the users and the resources,contributing to terminal security solutions and improvement of resource utilization.It also provides the convenience for the centralized management of resources,but the introduction of virtualization technology also makes unique safety risks exist in virtual desktop.Identity authentication is the key technology to solve the problem of virtual desktop security problems and also is the foundation of more complex and fine-grained security protective measures.This article first described the basic principle of the combined public key(CPK)cryptosystems,and then according to the characteristics of the virtual desktop,based on CPK authentication methods was proposed under applying the virtual resources and using virtual resources two scenarios.Through the federated identity,the binding of the user and the virtual machine comes ture.At last,the safety and performance analysis of the proposed authentication method was given.
出处
《计算机科学》
CSCD
北大核心
2015年第S1期399-401,共3页
Computer Science
基金
中央高校基本科研业务费(YZDJ1202)资助
关键词
虚拟桌面
身份认证
组合公钥
联合标识
Virtual desktop,Identity authentication,Combined public key,Federated identity
