CN101378318A - Identification authentication method of open network base on dynamic credible third-party - Google Patents

Identification authentication method of open network base on dynamic credible third-party Download PDF

Info

Publication number
CN101378318A
CN101378318A CNA200810155720XA CN200810155720A CN101378318A CN 101378318 A CN101378318 A CN 101378318A CN A200810155720X A CNA200810155720X A CN A200810155720XA CN 200810155720 A CN200810155720 A CN 200810155720A CN 101378318 A CN101378318 A CN 101378318A
Authority
CN
China
Prior art keywords
party
entity
authentication
trusted
trust
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CNA200810155720XA
Other languages
Chinese (zh)
Other versions
CN101378318B (en
Inventor
王汝传
王海艳
张琳
王杨
李捷
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Nanjing Post and Telecommunication University
Original Assignee
Nanjing Post and Telecommunication University
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Nanjing Post and Telecommunication University filed Critical Nanjing Post and Telecommunication University
Priority to CN200810155720XA priority Critical patent/CN101378318B/en
Publication of CN101378318A publication Critical patent/CN101378318A/en
Application granted granted Critical
Publication of CN101378318B publication Critical patent/CN101378318B/en
Expired - Fee Related legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Landscapes

  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)
  • Computer And Data Communications (AREA)

Abstract

The invention discloses an identity authentication method based on a dynamic trusted third party in an open network. By constructing an authentication system structure containing a trust decision-making database, the dynamic trusted third party and an entity joining the network service, the proposal leads an interactive entity not only to obtain necessary information related to identity authentication but also to obtain a trust feedback set of the trusted third party depended by the interactive entity when the interactive entity is carried out identity authentication; and according to the trust feedback set, the entity independently selects a trust decision-making function and calculates the reliability thereof. The proposal consists of four phases of identity authentication information collecting, identity authentication reliability calculating and judging, identity authentication information mutual judging and identity authentication information feed backing. The invention not only realizes dynamic control to the behavior of the trusted third party by the identity authentication entity in the open network, but also improves the reliability of identity authentication by carrying out reliability calculating and judging.

Description

In the open network based on the third-party identity identifying method of dynamic credible
Technical field
The present invention relates to a kind of embodiment that in open network, realizes authentication, mainly utilize distributed computing technology, reliable computing technology and trust management technology to solve the problem of inter-entity authentication in the open network, belong to Distributed Calculation, information security, instant messaging interleaving techniques application.
Background technology
Deeply popularize and the continuous expansion of network impel new application demand and application model to continue to bring out, and are that the open network of main target becomes domestic and international noticeable research field just gradually with resource-sharing, cooperation with service.Open network is more complicated than general networking situation, mainly shows: participate in that entity dynamically changeable, number are numerous, not know each other situation mutually to each other in the majority, the environment isomerism is strong, dynamic change is fast, and the central role of central server is further weakened.Authentication safely and effectively becomes the particularly challenging work in the authentication mechanism of open network security mechanism between the strange entity that how to guarantee to participate in serving.Authentication comprises authentication and two main aspects of behavior authentication, and wherein authentication is the basis of realization behavior authentication, and the behavior authentication is necessity continuity of authentication.Set up rationally, authentication efficiently is the important prerequisite that safety realizes the network service.
Existing security means mainly solves authentication question from following two aspects: be the inter-entity behavior authentication question that is closely connected with trust on the one hand, it be conceived to utilize in different application models according to application demand break the wall of mistrust model, realize that trust metrics and dependent credit administrative skill solve the behavior authentication of inter-entity, be one of focus of Distributed Calculation field research at present.It is by the accumulation of the trust between interworking entity and trust the credibility of recommending or transmitting the decision entity, thereby the realization behavior authenticates, for the network service provides the authorization decision foundation.Be traditional identity identifying technology (encryption, digital signature) on the other hand, it mainly depends on the intervention of trusted third party, realizes the authentication of inter-entity identity by public key cryptography technology.
Though existing authentication techniques are applied to realize that with the trust management technology behavior of inter-entity authenticates, and often all depend on complete believable third party in the solution process of authentication.In traditional identity verification scheme based on PKIX, each entity is all by obtaining the letter of identity realization authentication that a certain CA is issued, thereby cause this CA to become the bottleneck of network service and the object of being attacked easily, cause single point failure, third-party reliability can not effectively be guaranteed; On the other hand, in order to simplify a large sum of expense that certificate is set up and administrative institute brings, people have proposed to be applied to realize authentication based on the cryptography of sign and with it on the basis of PKIX.In this case, though each entity need not by realizing authentication to trusted third party application certificate, but still needing a private key production center serve as complete believable third party, is its calculating and propagation that realizes private key.The private key of all entities in this territory is known in this private key production center, exist malice to pretend to be or read the inter-entity interactive information and entity can't propose the effectively possibility of accusation to its fraud, make entity provide the behavior of service not have controllability trusted third party.Thereby though in cryptographic research field also some scholar proposed the thought that falls into by door and the task of the CA or the private key production center is shared two or colony reach and share or the effect of its function that weakens, but the precondition that these certificate schemes are set up all is to think that the one or more third parties that relied on are believable fully before entity interaction, and they also are believable in whole network service, this static trust is supposed prerequisite and is not met the dynamic characteristic of entity in the open network environment, thereby must consider the credible problem of dynamic behaviour of trusted third party when realizing the inter-entity authentication.
Summary of the invention
Technical problem: the objective of the invention is in open network, to provide in a kind of open network based on the third-party identity identifying method of dynamic credible, based on cryptography theory, fusion reliable computing technology and trust management technology, in open network, make up the third party of dynamic credible, and realize that on this basis inter-entity has the authentication of high reliability, controllability characteristics, to adapt to the open network dynamic characteristic, solve the deficiency of implementation method in the current open network safety identification authentication technology.
Technical scheme: identity identifying method of the present invention is: open network by several toward each other independently the territory form, comprise plurality of network entity and one in each territory and be called as the third-party entity of dynamic credible.Different with other entities, this entity does not participate in the open network service, but only provides telecommunications services for authentication.Each territory has certain independence, entity is applied to the authentication decision-making according to the autonomous trust value of the relevant trusted third party of a kind of trust decisions function calculation of selecting in the trust decisions storehouse in this territory with it in the territory, thereby realizes the safety identification authentication of high reliability, controllability between interworking entity.
One, architecture
Of the present inventionly mainly form by trust decisions storehouse, dynamic credible third party, entity three parts that participate in the network service based on the third-party authentication architecture of dynamic credible.
Be the functional description of these three major parts below:
Trust decisions storehouse: form by several trust decisions functions, each decision function all has input, output two parts, input is a n metasequence, the interworking entity feedback information that obtains after third-party n the participation authentication of a certain dynamic credible of this serial response is output as the third-party current confidence level of this dynamic credible.
The dynamic credible third party: by the unique establishment in territory, certain life cycle is arranged, this entity is responsible for participating in the authentication of all interworking entity in this territory; Remove and have the entity identities of the discriminating true and false, issue its effective letter of identity or finish private key production and propagate outside these conventional func, the also additional function of this dynamic credible third party: i.e. promising its of record institute set up the feedback information of the interworking entity of letter of identity or private key to this trusted third party authentication service behavior, and this trusts is fed back to collect for its behavior confidence level of the follow-up differentiation of other entities provides foundation.
Participate in the entity of network service: be the main body in the open network service, it is responsible for the screening of n metasequence and choosing of trust decisions function, and this entity is realized issuing for it letter of identity or produced the third-party trust feedback of dynamic credible of private key for it; In addition, it is the confidence level calculating and the decision-making of another trusted third party that entity is also born mutual with it entity identities Certificate Authority person, and this result of decision will directly influence this entity and whether participate in follow-up authentication.
Two, authentication embodiment flow process
Authentication embodiment of the present invention is differentiated alternately by authentication information collection, the calculating of authentication confidence level and differentiation, authentication information and authentication information feedback four-stage is formed.
Phase I: authentication information collection
This process refers to that mainly two interworking entity submit to relevant information to pass through its identity to the dynamic credible third party in territory, place separately and differentiate, by its authentication and acquisition letter of identity or corresponding private key, different with existing identity verification scheme is, this process also comprises entity mutual by another dynamic credible third party (cooperation trusted third party) of being relied on its interworking entity, obtains the trust feedback collection of other entities to this trusted third party;
Second stage: the authentication confidence level is calculated and is differentiated
(1) participates in two mutual entities and independently choose wherein according to the trust feedback collection that is obtained separately that n result constitutes the n metasequence respectively;
(2) entity as input, calculates the confidence level of cooperation trusted third party with the n metasequence according in the network service resource request or the situation that is requested independently being selected an information decision function in the information decision storehouse;
(3) entity according to result of calculation autonomous differentiation whether believe this cooperation trusted third party, if there is the either party to deny its cooperation trusted third party, then authentication failure terminating;
Phase III: authentication information is differentiated alternately
This process is similar to identity identifying method commonly used, be that interworking entity provides relevant information to each other, both sides adopt based on cryptological public base theory, differentiate separately the legitimacy of the letter of identity of holding or private key, if each side's discrimination result is very, be that mutual both sides believe that each other the other side has legal identity, then enters next stage; If it is vacation that a certain side differentiates the result, then illustrate have at least among the mutual both sides side do not believe with the opposing party be its alleged validated user, the authentication failure terminating;
Quadravalence section: authentication information feedback
Entity carries out afterwards feedback information to the behavior of trusted third party in the network service in its territory, place, if entity is found this dynamic credible third party and exists malice to pretend to be or steal the possibility of its and other entity interaction information that it will be decided in its sole discretion and feed back a special value to influence the confidence level calculating of this trusted third party after having issued certificate for it or having produced private key.
Under the normal condition (possibility of getting rid of certificate issuance failure or certificate expired, trusted third party's end of life), described based in the third-party identity verification scheme of dynamic credible, the authentication failure has two kinds of possibilities: the one, and occur in authentication information and differentiate the stage alternately, be the failure that the entity authentication information interaction is differentiated, a certain side finds that the information that another partner holds can not illustrate that it is a validated user; Another kind may occur in the authentication confidence level and calculate and the differentiation stage, this is that other existing identity verification scheme are not available, be that entity finds that by subjective differentiation it is insincere or credibility is not enough according to the trust feedback collection of cooperation trusted third party, then refusal carries out authentication with interworking entity.
Beneficial effect: of the present invention based in the third-party authentication embodiment of dynamic credible, the dynamic credible third party who makes up is as the authorized person and the Primary Actor of authentication information needed, can issue letter of identity or produce private key for interworking entity, because additionally having increased record, it trusts the function of feeding back, make each interworking entity to calculate the cooperation dynamic credible third-party confidence level mutual by trusting the feedback collection with it in advance, make decisions on one's own confidence level with its this cooperation trusted third party, thus the reliability of authentication improved; And, entity can carry out feedback information in time to the dynamic credible third party who gives its authentication information, the behavior of trusted third party has strengthened entity to the third-party controllability of the dynamic credible that is relied under the interference and monitoring of entity, realized highly reliable, controlled authentication.Specifically, scheme of the present invention has following beneficial effect:
(1) scheme has improved the reliability of trusted third party in the authentication process.Compare with existing identity verification scheme, though the dynamic credible third party still mainly is responsible for signing and issuing of authentication information, but because of its authentication information of signing and issuing no longer is that unique foundation that the inter-entity authentication is succeedd makes risk that it faces and the attack that may meet with reduce, certificate that acquisition dynamic credible third party signs and issues or private key can not be guaranteed entity fully finally by authentication, thereby have weakened the trust degree of dependence of entity to trusted third party; Moreover the trust feedback information of its storage can not make its main object that becomes attack because final n metasequence choose and trust decisions will independently be realized by interworking entity; In addition, dynamic credible third party in each territory is determined by the territory, certain life cycle is arranged, if this trusted third party's stored feedback information represents that its confidence level is too low, then the territory can redefine a dynamic credible third party, and the reliability that participates in the trusted third party of interactive authentication in the certain hour scope has obtained higher guarantee.
(2) scheme has strengthened interworking entity to the third-party controllability of the dynamic credible of issuing or sign and issue its authentication information.Compare with existing identity verification scheme, this scheme has realized afterwards interference and the monitoring of entity to dynamic credible third party act of authentication, entity is after obtaining the network service, terminal stage in authentication has increased an authentication information feedback stage, by this stage, entity can carry out effective feedback to the dishonest conduct of trusted third party.In addition, because this feedback information is independently selected the trust decisions function by entity and directly is not shown in the trust decisions, can not reach its its intended purposes even cause trusted third party to do the malice change.
(3) scheme has improved the efficient of authentication.This shows that mainly entity pair carries out with it on trust decisions of mutual cooperation trusted third party, have only after the mutual with it cooperation trusted third party that entity relied on of the autonomous decision of entity has passed through the confidence level decision-making, just can enter the phase III of authentication embodiment.
(4) scheme meets the characteristic of open network.Open network has dynamically, the isomery characteristic, and this scheme is independently chosen the trust decisions function by entity according to the trust feedback collection of gained, meets the isomery characteristic of the different management domains of open network; Entity no longer is unconditional trust dynamic credible third party blindly, calculate and the differentiation stage and increased the authentication confidence level, make entity to the trust of trusted third party along with third-party behavior generation dynamic change, static, suppose that the third party must be that believable this precondition is no longer set up fully in advance.
Description of drawings
Fig. 1 is based on the system assumption diagram of the third-party authentication of dynamic credible.
Fig. 2 is based on the four-stage overall procedure schematic diagram that the third-party authentication embodiment of dynamic credible is comprised.
Fig. 3 is based on the detailed process schematic diagram of authentication information acquisition phase in the third-party authentication embodiment of dynamic credible.
Fig. 4 is based on the calculating of authentication confidence level and the detailed process schematic diagram in differentiation stage in the third-party authentication embodiment of dynamic credible.
Embodiment
For authentication embodiment of the present invention is described, we provide following most preferred embodiment, in the more detailed description open network based on the third-party authentication embodiment of dynamic credible.
According among Fig. 1 given authentication system assumption diagram, the interworking entity of supposing to participate in the open network authentication is A and B, wherein: A is the resources requesting party, B is a resource provider, the territory at their places is respectively D aAnd D bAnd, suppose in the certain hour section territory D aSelected dynamic credible third party is designated as C a, territory D bSelected dynamic credible third party is designated as C b, the authentication specific embodiment is between entity A that the present invention sets forth and the B:
Phase I: authentication information collection
(1) entity A and B produce a public private key pair respectively and to C aAnd C bSubmit some essential informations to, so that its identity and relevant attribute separately to be described, as the letter of identity of a unsigned, wherein comprise physical name, PKI and entity add the from date in this territory;
(2) C aAnd C bWhether the information of verifying the entity submission respectively is correct: if situation is true, then its letter of identity is signed, and effective letter of identity is returned to entity, otherwise will not sign and issue letter of identity, authentication can't normally be carried out failure terminating;
(3) it is mutual that entity A and B carry out information gathering, goes on foot according to following six and carry out:
The first step, A submits its letter of identity, timestamp nonce1, a place domain name D to B a, employed dynamic credible third party C aAnd C aPKI;
In second step, B utilizes C aThe authenticity of public key verifications A certificate, if checking do not pass through, then authentication process is with failure terminating, otherwise returns nonce1;
The 3rd step, B and C aCarry out alternately, read it and trust feedback collection S 1
In the 4th step, B submits its letter of identity, another timestamp nonce2, place domain name D to A b, employed dynamic credible third party C bAnd C bPKI;
In the 5th step, A utilizes C bThe authenticity of public key verifications B certificate, if checking do not pass through, then authentication process is with failure terminating, otherwise returns nonce2;
The 6th step, A and C bCarry out alternately, read it and trust feedback collection S 2
Second stage: the authentication confidence level is calculated and is differentiated
(1) B trusts feedback collection S with gained 1In element choose wherein recently that n result constitutes a n metasequence (t 1, t 2, t 3..., t n), 0≤t wherein i≤ 1, like this can be preferably with C aIts creditability measurement is introduced in nearest behavior;
(2) B is according to t in the n metasequence iValue and the purpose of authentication, independently choose this territory D bA decision function in the trust decisions storehouse, as utilize averaging method to calculate the C of cooperation trusted third party aCurrent confidence level t a
(3) B is according to result of calculation t aWhether autonomous differentiation believes the C of this cooperation trusted third party a, as set a door and fall into t 0Be 0.6, if t aT 0, then the C of its cooperation trusted third party is believed in the B decision a, otherwise the authentication failure terminating;
(4) A trusts feedback collection S with gained 2In element choose wherein recently that n result constitutes a n metasequence (t 1', t 2', t 3' ..., t n'), 0≤t wherein i'≤1;
(5) A is according to t in the n metasequence i' value and the purpose of authentication, independently choose this territory D aA decision function in the trust decisions storehouse, as utilize averaging method to calculate the C of cooperation trusted third party bCurrent confidence level t b
(6) A is according to result of calculation t bWhether autonomous differentiation believes the C of this cooperation trusted third party b, as set another door and fall into t 0' be 0.8 (B is a resource provider, can choose than the gate and fall into value to guarantee its credibility), if t bT 0', then the C of its cooperation trusted third party is believed in the A decision b, otherwise the authentication failure terminating;
Phase III: authentication information is differentiated alternately
(1) B produces a random number r b, and it is passed to A;
(2) A utilizes its private key to sign, and the result is returned to B;
(3) after B utilizes the PKI of A to be decrypted the gained result, obtain a value and with it and random number r bCompare, if both are identical, then B believes that the letter of identity that A holds is a legal and valid, otherwise the authentication failure terminating;
(4) A produces a random number r a, and it is passed to B;
(5) B utilizes its private key to sign, and the result is returned to A;
(6) after A utilizes the PKI of B to be decrypted the gained result, obtain a value and with it and random number r aCompare, if both are identical, then A believes that the letter of identity that B holds is a legal and valid, otherwise the authentication failure terminating;
Quadravalence section: authentication information feedback
The letter of identity of believing the other side each other and being held at A and B is a legal and valid, and after it is fulfiled the service of corresponding network, for to the dynamic credible that is relied on separately third-party behavior monitor, guarantee controllability that it is signed and issued behavior behind the valid certificate, A and B are respectively to dynamic credible third party C aAnd C bTrust feedback: if A finds C aPretend to be its validated user identity, then A feeds back to C aA lower trust value is as 0.001, otherwise returns a normal value 0.899, if B finds C bPretend to be its validated user identity, then B feeds back to C bA lower trust value is as 0.001, otherwise returns a normal value 0.899.

Claims (1)

1, in a kind of open network based on the third-party identity identifying method of dynamic credible, it is characterized in that using distributed computing method, trusted computing method and trust management method make up and comprise the trust decisions storehouse, entity three parts of dynamic credible third party and the service of participation network are main member's authentication system structure, entity can obtain the third-party trust feedback of the dynamic credible collection that mutual side is relied on when implementing authentication, and by the credible computing function of the autonomous selection in trust decisions storehouse, calculate the third-party confidence level of this dynamic credible, the result is applied in the authentication decision-making; On the other hand, entity also has the function that the third-party behavior of the dynamic credible that relies on to self is fed back, and described method specifically is made up of following four-stage:
Phase I: authentication information collection
This process refers to that mainly two interworking entity submit to relevant information to pass through its identity to the dynamic credible third party in territory, place separately and differentiate, by its authentication and acquisition letter of identity or corresponding private key, it is third-party mutual by another dynamic credible that is relied on its interworking entity that this process also comprises entity, obtains the trust feedback collection of other entities to this trusted third party;
Second stage: the authentication confidence level is calculated and is differentiated
A. participate in two mutual entities and independently choose wherein according to the trust obtained separately feedback collection that n result constitutes the n metasequence respectively;
B. entity as input, calculates the confidence level of cooperation trusted third party with the n metasequence according in the network service resource request or the situation that is requested independently being selected an information decision function in the information decision storehouse;
C. entity according to result of calculation autonomous differentiation whether believe this cooperation trusted third party, if there is the either party to deny its cooperation trusted third party, then authentication failure terminating;
Phase III: authentication information is differentiated alternately
This process is similar to identity identifying method commonly used, be that interworking entity provides relevant information to each other, both sides adopt based on cryptological public base theory, differentiate separately the legitimacy of the letter of identity of holding or private key, if each side's discrimination result is very, be that mutual both sides believe that each other the other side has legal identity, then enters next stage; If it is vacation that a certain side differentiates the result, then illustrate have at least among the mutual both sides side do not believe with the opposing party be its alleged validated user, the authentication failure terminating;
Quadravalence section: authentication information feedback
Entity carries out afterwards feedback information to the behavior of trusted third party in the network service in its territory, place, if entity is found this dynamic credible third party and exists malice to pretend to be or steal the possibility of its and other entity interaction information that it will be decided in its sole discretion and feed back a special value to influence the confidence level calculating of this trusted third party after having issued certificate for it or having produced private key.
CN200810155720XA 2008-10-08 2008-10-08 Identification authentication method of open network based on dynamic credible third-party Expired - Fee Related CN101378318B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN200810155720XA CN101378318B (en) 2008-10-08 2008-10-08 Identification authentication method of open network based on dynamic credible third-party

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN200810155720XA CN101378318B (en) 2008-10-08 2008-10-08 Identification authentication method of open network based on dynamic credible third-party

Publications (2)

Publication Number Publication Date
CN101378318A true CN101378318A (en) 2009-03-04
CN101378318B CN101378318B (en) 2010-09-15

Family

ID=40421679

Family Applications (1)

Application Number Title Priority Date Filing Date
CN200810155720XA Expired - Fee Related CN101378318B (en) 2008-10-08 2008-10-08 Identification authentication method of open network based on dynamic credible third-party

Country Status (1)

Country Link
CN (1) CN101378318B (en)

Cited By (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2010121474A1 (en) * 2009-04-21 2010-10-28 西安西电捷通无线网络通信有限公司 Platform authentication and management method adapted to ternary-peer authenticating trusted network connection architecture
CN101635624B (en) * 2009-09-02 2011-06-01 西安西电捷通无线网络通信股份有限公司 Method for authenticating entities by introducing online trusted third party
CN103069774A (en) * 2010-08-24 2013-04-24 思科技术公司 Securely accessing an advertised service
WO2017059736A1 (en) * 2015-10-10 2017-04-13 西安西电捷通无线网络通信股份有限公司 Method and device for verifying validity of identity of entity
WO2017059735A1 (en) * 2015-10-10 2017-04-13 西安西电捷通无线网络通信股份有限公司 Multi-ttp-based method and device for verifying validity of identity of entity
WO2017059753A1 (en) * 2015-10-10 2017-04-13 西安西电捷通无线网络通信股份有限公司 Multi-ttp-based method and device for verifying validity of identity of entity
WO2017059744A1 (en) * 2015-10-10 2017-04-13 西安西电捷通无线网络通信股份有限公司 Multi-ttp-based method and device for verifying validity of identity of entity
CN106571920A (en) * 2015-10-10 2017-04-19 西安西电捷通无线网络通信股份有限公司 Method and apparatus for verifying entity identity validity with multiple TTPs
CN106571919A (en) * 2015-10-10 2017-04-19 西安西电捷通无线网络通信股份有限公司 Method and apparatus for effectiveness verification of entity identity
CN107342975A (en) * 2016-12-21 2017-11-10 安徽师范大学 Trust computational methods based on domain division under insincere cloud environment

Family Cites Families (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6363365B1 (en) * 1998-05-12 2002-03-26 International Business Machines Corp. Mechanism for secure tendering in an open electronic network
CN101242400A (en) * 2007-02-09 2008-08-13 中国电信股份有限公司 System and method for realizing network click dialing capability based on HTTP redirection
CN100591015C (en) * 2008-03-11 2010-02-17 南京邮电大学 Dynamic accesses control method based on trust model

Cited By (22)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2010121474A1 (en) * 2009-04-21 2010-10-28 西安西电捷通无线网络通信有限公司 Platform authentication and management method adapted to ternary-peer authenticating trusted network connection architecture
CN101635624B (en) * 2009-09-02 2011-06-01 西安西电捷通无线网络通信股份有限公司 Method for authenticating entities by introducing online trusted third party
CN103069774A (en) * 2010-08-24 2013-04-24 思科技术公司 Securely accessing an advertised service
CN103069774B (en) * 2010-08-24 2015-12-16 思科技术公司 Access the service notified safely
CN106571920A (en) * 2015-10-10 2017-04-19 西安西电捷通无线网络通信股份有限公司 Method and apparatus for verifying entity identity validity with multiple TTPs
CN106571921B (en) * 2015-10-10 2019-11-22 西安西电捷通无线网络通信股份有限公司 A kind of entity identities validation verification method and device thereof
WO2017059753A1 (en) * 2015-10-10 2017-04-13 西安西电捷通无线网络通信股份有限公司 Multi-ttp-based method and device for verifying validity of identity of entity
WO2017059744A1 (en) * 2015-10-10 2017-04-13 西安西电捷通无线网络通信股份有限公司 Multi-ttp-based method and device for verifying validity of identity of entity
CN106571921A (en) * 2015-10-10 2017-04-19 西安西电捷通无线网络通信股份有限公司 Entity identity effectiveness verification method and device
CN106572064A (en) * 2015-10-10 2017-04-19 西安西电捷通无线网络通信股份有限公司 Method and apparatus for verifying entity identity validity with multiple TTPs
WO2017059736A1 (en) * 2015-10-10 2017-04-13 西安西电捷通无线网络通信股份有限公司 Method and device for verifying validity of identity of entity
CN106572063A (en) * 2015-10-10 2017-04-19 西安西电捷通无线网络通信股份有限公司 Multi-TTP participation entity identity legitimacy verification method and device
CN106571919A (en) * 2015-10-10 2017-04-19 西安西电捷通无线网络通信股份有限公司 Method and apparatus for effectiveness verification of entity identity
US10681045B2 (en) 2015-10-10 2020-06-09 China Iwncomm Co., Ltd. Multi-TTP-based method and device for verifying validity of identity of entity
CN106571919B (en) * 2015-10-10 2019-10-29 西安西电捷通无线网络通信股份有限公司 A kind of entity identities validation verification method and device thereof
CN106572063B (en) * 2015-10-10 2019-10-29 西安西电捷通无线网络通信股份有限公司 A kind of entity identities validation verification method and device that more TTP are participated in
CN106572064B (en) * 2015-10-10 2019-10-29 西安西电捷通无线网络通信股份有限公司 A kind of entity identities validation verification method and device that more TTP are participated in
WO2017059735A1 (en) * 2015-10-10 2017-04-13 西安西电捷通无线网络通信股份有限公司 Multi-ttp-based method and device for verifying validity of identity of entity
US10652029B2 (en) 2015-10-10 2020-05-12 China Iwncomm Co., Ltd. Multi-TTP-based method and device for verifying validity of identity of entity
US10615978B2 (en) 2015-10-10 2020-04-07 China Iwncomm Co., Ltd. Multi-TTP-based method and device for verifying validity of identity of entity
CN107342975B (en) * 2016-12-21 2020-03-24 安徽师范大学 Domain division-based trust computing method in untrusted cloud environment
CN107342975A (en) * 2016-12-21 2017-11-10 安徽师范大学 Trust computational methods based on domain division under insincere cloud environment

Also Published As

Publication number Publication date
CN101378318B (en) 2010-09-15

Similar Documents

Publication Publication Date Title
CN101378318B (en) Identification authentication method of open network based on dynamic credible third-party
Zhang et al. Security and privacy on blockchain
Zhang et al. Blockchain-based decentralized and secure keyless signature scheme for smart grid
Borge et al. Proof-of-personhood: Redemocratizing permissionless cryptocurrencies
CN107196762B (en) Big data oriented power determining method
Wu et al. Enabling data trustworthiness and user privacy in mobile crowdsensing
Li et al. BCSE: Blockchain-based trusted service evaluation model over big data
CN114710275B (en) Cross-domain authentication and key negotiation method based on blockchain in Internet of things environment
CN114389811B (en) Cross-domain authentication method based on medical alliance chain
Zhang et al. Blockchain-based secure equipment diagnosis mechanism of smart grid
Du et al. Certificateless proxy multi-signature
Bao et al. Bbnp: a blockchain-based novel paradigm for fair and secure smart grid communications
Ma et al. Lightweight and privacy-preserving data aggregation for mobile multimedia security
Martucci et al. Self-certified sybil-free pseudonyms
CN110945833B (en) Method and system for multi-mode identification network privacy protection and identity management
Shin et al. A new distributed, decentralized privacy-preserving ID registration system
Jiang et al. Report when malicious: Deniable and accountable searchable message-moderation system
Liu et al. Cross-heterogeneous domain authentication scheme based on blockchain
Li et al. A new revocable reputation evaluation system based on blockchain
Liu et al. A trusted proof mechanism of data source for smart city
Shim Design principles of secure certificateless signature and aggregate signature schemes for IoT environments
Lian et al. Periodic $ K $-Times Anonymous Authentication With Efficient Revocation of Violator’s Credential
KR101407945B1 (en) Anonymous authentication service method for providing local linkability
Quercia et al. Tata: Towards anonymous trusted authentication
Wang Another look at ALGORAND

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant
EE01 Entry into force of recordation of patent licensing contract

Application publication date: 20090304

Assignee: JIANGSU AISINO TECHNOLOGY Co.,Ltd.

Assignor: NANJING University OF POSTS AND TELECOMMUNICATIONS

Contract record no.: 2013320000170

Denomination of invention: Identification authentication method of open network base on dynamic credible third-party

Granted publication date: 20100915

License type: Exclusive License

Record date: 20130320

LICC Enforcement, change and cancellation of record of contracts on the licence for exploitation of a patent or utility model
CF01 Termination of patent right due to non-payment of annual fee

Granted publication date: 20100915