《计算机应用研究》|Application Research of Computers

基于ZooKeeper的全网统一信任锚模型研究

Research on unified trust anchor model based on ZooKeeper

免费全文下载 (已被下载 次)  
获取PDF全文
作者 史博轩,章峰,蒋文保
机构 北京信息科技大学 信息管理学院,北京 100192
统计 摘要被查看 次,已被下载
文章编号 1001-3695(2020)12-040-3722-04
DOI 10.19734/j.issn.1001-3695.2019.08.0568
摘要 由于现有的TCP/IP没有对地址、身份等信息进行认证,造成源地址欺骗、路由劫持等大量攻击的发生,严重威胁到网络安全。而现有基于PKI体系的CA认证机构的管理效率低、没有统一性,不适合在全网统一范围进行认证。为了能够高效地管理、认证和存储公钥信息,建立全网统一的网络层可信身份认证与管理机制,提出了基于ZooKeeper的全网统一信任锚模型。该模型利用ZooKeeper的负载均衡、数据一致性等优点,采用分布式架构来共同管理信任锚,以一种全网统一的ID标志信息来解决身份与地址真实性鉴别问题,实现网络的平等互联、安全可信。
关键词 信任锚; 可信认证; 信任链; ZooKeeper; 分布式
基金项目 网络空间安全学科创新平台建设资助项目(77F1910917)
国家重点研发计划资助项目(2018YFB1800100)
本文URL http://www.arocmag.com/article/01-2020-12-040.html
英文标题 Research on unified trust anchor model based on ZooKeeper
作者英文名 Shi Boxuan, Zhang Feng, Jiang Wenbao
机构英文名 School of Information Management,Beijing Information Science & Technology University,Beijing 100192,China
英文摘要 Because of the existing TCP/IP protocol does not authenticate the address and identity, a large number of attacks such as source address spoofing and route hijacking occur, which seriously threaten the security of the network. And the CA based on the PKI system has low management efficiency and no uniformity, and is not suitable for authentication in the entire network. In order to efficiently manage the storage of public key information and establish a network-wide trusted identity authentication and management mechanism, this paper proposed a unified trust anchor model based on ZooKeeper. This model utilized ZooKeeper load balancing, high availability and other advantages to jointly manage the trust anchor, solved the identity and address authenticity identification problem with a unified ID identification information of the entire network, and achieved equal network interconnection, security and credibility.
英文关键词 trust anchor; trusted authentication; chain of trust; ZooKeeper; distributed
参考文献 查看稿件参考文献
 
收稿日期 2019/8/28
修回日期 2019/10/10
页码 3722-3725
中图分类号 TP393
文献标志码 A