Identity authentication method based on a dynamically trusted third party in an open network
Technical field
The present invention relates to a method of realizing identity authentication in an open network. It mainly uses distributed computing, trusted computing and trust management techniques to solve the problem of authentication between entities in an open network, and belongs to the cross-disciplinary application of distributed computing, information security and communication technology.
Background art
The deepening spread and continuous expansion of networks keep producing new application demands and application models, and open networks, whose main goals are resource sharing and cooperative service, are gradually becoming a notable research field at home and abroad. An open network is more complex than an ordinary network: the participating entities change dynamically and are numerous, most of them are strangers to one another, the environment is highly heterogeneous and changes quickly, and the central role of a central server is further weakened. How to guarantee secure and effective authentication between the strange entities taking part in a service has become a particularly challenging task in the security mechanisms of open networks. Authentication comprises two main aspects, identity authentication and behaviour authentication; identity authentication is the basis for behaviour authentication, and behaviour authentication is the necessary continuation of identity authentication. Establishing reasonable and efficient authentication is an important prerequisite for realizing network services securely.
Existing security means address authentication from two directions. One is the behaviour authentication between entities, which is closely tied to trust: it builds trust models according to application demand in different application models and uses trust metrics and the related trust management techniques to authenticate the behaviour of entities, and is currently a focus of distributed computing research. It decides the credibility of an entity through the trust accumulated between interacting entities and through trust recommendation or propagation, thereby realizing behaviour authentication and providing the basis for authorization decisions in network services. The other is traditional identity authentication technology (encryption, digital signatures), which relies mainly on the involvement of a trusted third party and realizes identity authentication between entities through public key cryptography.
Although existing authentication techniques are combined with trust management to authenticate the behaviour of entities, they all depend on a completely trusted third party during identity authentication. In the traditional identity authentication scheme based on a public key infrastructure (PKI), every entity authenticates by obtaining an identity certificate issued by some CA; that CA therefore becomes a bottleneck of the network service and an easy target of attack, it is a single point of failure, and the reliability of the third party cannot be effectively guaranteed. On the other hand, to cut the large cost of establishing and managing certificates, identity-based cryptography has been proposed on top of PKI and applied to identity authentication. In that case each entity no longer needs to apply to a trusted third party for a certificate, but a private key generator (PKG) is still needed as a completely trusted third party that computes and distributes the private keys. This PKG knows the private keys of all entities in its domain, so it may maliciously impersonate an entity or read the traffic between entities, the entity cannot effectively accuse it of such fraud, and the entity has no control over the behaviour of the trusted third party that serves it. Some cryptographers have therefore proposed threshold schemes that share the duties of the CA or the PKG among two or more parties in order to split or weaken its function; but all these schemes still presuppose that the one or more third parties relied upon are completely trustworthy before the entities interact, and that they remain trustworthy throughout the network service. This static trust assumption does not match the dynamic nature of entities in an open network environment, so the dynamic trustworthiness of the trusted third party's behaviour must be taken into account when authenticating entities to one another.
Summary of the invention
Technical problem: the object of the invention is to provide an identity authentication method for open networks based on a dynamically trusted third party. Built on cryptographic theory and combining trusted computing and trust management techniques, it constructs a dynamically trusted third party in the open network and, on that basis, realizes authentication between entities with high reliability and controllability, so as to suit the dynamic nature of open networks and remedy the shortcomings of current secure authentication methods for open networks.
Technical scheme: in the method of the invention, the open network consists of several mutually independent domains; each domain contains a number of network entities and one entity called the dynamically trusted third party. Unlike the other entities, this entity does not take part in the services of the open network but only provides services for authentication. Each domain has a certain autonomy: an entity in the domain computes the trust value of the relevant trusted third party with a trust decision function that it chooses autonomously from the domain's trust decision library, and applies the result to its authentication decision, so that secure authentication with high reliability and controllability is achieved between interacting entities.
I. Architecture
The authentication architecture of the invention, based on a dynamically trusted third party, consists mainly of three parts: the trust decision library, the dynamically trusted third party, and the entities taking part in the network service.
The functions of these three parts are described below:
Trust decision library: consists of several trust decision functions. Each decision function has an input and an output. The input is an n-ary sequence that reflects the feedback of the interacting entities after n authentications in which a given dynamically trusted third party took part; the output is the current confidence in that dynamically trusted third party.
Dynamically trusted third party: created solely by its domain and having a certain life cycle, this entity takes part in the authentication of all interacting entities in that domain. Besides the conventional functions of verifying whether an entity's identity is genuine and issuing it a valid identity certificate or generating and distributing its private key, it has an additional function: it records the feedback on its authentication service given by the interacting entities for which it has established identity certificates or private keys, and collects this trust feedback as the basis on which other entities subsequently judge the trustworthiness of its behaviour.
Entities taking part in the network service: the main actors in the open network service. An entity is responsible for selecting the n-ary sequence and choosing the trust decision function, and it feeds back trust to the dynamically trusted third party that issued its identity certificate or generated its private key. In addition, the entity computes the confidence in, and decides on, the other trusted third party, namely the one that certified the identity of its counterpart; this decision directly determines whether the entity proceeds with the subsequent authentication.
II. Authentication procedure
The authentication procedure of the invention consists of four stages: authentication information acquisition, confidence computation and decision, interactive verification of the authentication information, and authentication feedback.
Stage 1: authentication information acquisition
In this stage the two interacting entities each submit the relevant information to the dynamically trusted third party of their own domain and pass its identity verification, obtaining an identity certificate or the corresponding private key. Unlike existing identity authentication schemes, in this stage each entity also interacts with the other dynamically trusted third party, the one its counterpart relies on (the cooperating trusted third party), and obtains the set of trust feedback that other entities have given about that trusted third party;
Stage 2: confidence computation and decision
(1) Each of the two interacting entities autonomously chooses n results from the trust feedback set it obtained to form an n-ary sequence;
(2) Each entity, according to whether it is the requester or the requested party in the network service, autonomously selects a trust decision function from the trust decision library and computes the confidence in the cooperating trusted third party with the n-ary sequence as input;
(3) Each entity autonomously decides from the result whether to trust the cooperating trusted third party; if either party rejects its cooperating trusted third party, the authentication fails and terminates;
Stage 3: interactive verification of the authentication information
This stage resembles common identity authentication methods: the interacting entities present the relevant information to each other and both sides verify, using public key cryptography, the legitimacy of the identity certificate or private key held by the other. If both verifications succeed, that is, each side believes the other holds a legitimate identity, the next stage is entered; if either verification fails, at least one side does not believe the other is the legitimate user it claims to be, and the authentication fails and terminates;
Stage 4: authentication feedback
After the network service, each entity gives feedback on the behaviour of the trusted third party in its own domain. If an entity finds that the dynamically trusted third party, after issuing its certificate or generating its private key, may have maliciously impersonated it or stolen the information exchanged between it and other entities, it autonomously decides to feed back a special value so as to influence the confidence computation for that trusted third party.
Under normal conditions (excluding failure to issue a certificate, certificate expiry, or the end of the trusted third party's life cycle), authentication in the scheme based on a dynamically trusted third party can fail in two ways. The first occurs in the interactive verification stage: the verification of the exchanged authentication information fails, one side finding that the information held by the other cannot show it to be a legitimate user. The second occurs in the confidence computation and decision stage and has no counterpart in other identity authentication schemes: an entity judges, from the trust feedback set of the cooperating trusted third party, that this third party is untrustworthy or not trustworthy enough, and refuses to authenticate with its counterpart.
Beneficial effects: in the authentication procedure of the invention based on a dynamically trusted third party, the dynamically trusted third party that is constructed is the authority for, and the main issuer of, the information needed for authentication: it issues identity certificates or generates private keys for the interacting entities. Because it additionally records trust feedback, each interacting entity can first compute, from the trust feedback set, the confidence in the cooperating dynamically trusted third party with which it interacts and decide autonomously whether that cooperating trusted third party is trustworthy, which improves the reliability of authentication. Moreover, an entity can give timely feedback to the dynamically trusted third party that supplied its authentication information, so that the third party's behaviour is placed under the entities' interference and monitoring; this strengthens the entities' control over the dynamically trusted third party they rely on and realizes highly reliable and controllable authentication. Specifically, the scheme has the following beneficial effects:
(1) The scheme improves the reliability of the trusted third party in the authentication process. Compared with existing identity authentication schemes, the dynamically trusted third party is still mainly responsible for issuing the authentication information, but that information is no longer the sole basis for successful authentication between entities, which lowers the risk it bears and the attacks it may suffer; obtaining a certificate or private key issued by the dynamically trusted third party no longer guarantees that the entity will ultimately pass authentication, so the degree to which entities depend on the trusted third party is weakened. Furthermore, the trust feedback it stores does not make it the main target of attack, because the final choice of the n-ary sequence and the trust decision are made autonomously by the interacting entities. In addition, the dynamically trusted third party of each domain is determined by the domain and has a certain life cycle; if its stored feedback shows that its confidence is too low, the domain can designate a new dynamically trusted third party, so the reliability of the trusted third party taking part in authentication over a given period is better guaranteed.
(2) The scheme strengthens the control of the interacting entities over the dynamically trusted third party that issues their authentication information. Compared with existing identity authentication schemes, it realizes after-the-fact interference and monitoring of the trusted third party's authentication behaviour by the entities: after obtaining the network service, the entity performs an additional feedback stage at the end of authentication, through which it can effectively report dishonest behaviour of the trusted third party. Moreover, because the entity chooses the trust decision function autonomously and the feedback does not enter the trust decision directly, a trusted third party that maliciously alters the feedback cannot achieve its intended purpose.
(3) The scheme improves the efficiency of authentication. This is mainly because the entity first makes a trust decision about the cooperating trusted third party it is dealing with: only after the cooperating trusted third party relied on by the counterpart has passed the entity's autonomous confidence decision does the procedure enter the third stage of authentication.
(4) The scheme suits the characteristics of open networks. Open networks are dynamic and heterogeneous; in this scheme the entity chooses the trust decision function autonomously on the basis of the trust feedback set it obtained, which suits the heterogeneity of the different management domains of an open network. The entity no longer trusts the dynamically trusted third party unconditionally and blindly: with the added confidence computation and decision stage, an entity's trust in the trusted third party changes dynamically with the third party's behaviour, and the static prior assumption that the third party must be completely trustworthy no longer has to hold.
Description of drawings
Fig. 1 is the system architecture diagram of the authentication based on a dynamically trusted third party.
Fig. 2 is the overall flow diagram of the four stages of the authentication procedure based on a dynamically trusted third party.
Fig. 3 is the detailed flow diagram of the authentication information acquisition stage of the authentication procedure based on a dynamically trusted third party.
Fig. 4 is the detailed flow diagram of the confidence computation and decision stage of the authentication procedure based on a dynamically trusted third party.
Embodiment
To explain the authentication procedure of the invention, the following preferred embodiment describes in more detail the authentication procedure based on a dynamically trusted third party in an open network.
According to the authentication system architecture of Fig. 1, suppose the interacting entities taking part in the open network authentication are A and B, where A is the resource requester and B the resource provider, and their domains are D_a and D_b respectively. Suppose further that within the current period the dynamically trusted third party selected by domain D_a is denoted C_a and the one selected by domain D_b is denoted C_b. The specific embodiment of the authentication between entities A and B set forth by the invention is as follows:
Stage 1: authentication information acquisition
(1) Entities A and B each generate a public/private key pair and submit some basic information to C_a and C_b respectively, describing their identity and related attributes, in the form of an unsigned identity certificate that contains the entity name, the public key and the date the entity joined the domain;
(2) C_a and C_b each verify whether the information submitted by the entity is correct: if so, they sign the identity certificate and return the valid certificate to the entity; otherwise no identity certificate is issued and the authentication cannot proceed and terminates in failure;
(3) Entities A and B then exchange information in the following six steps:
Step 1: A sends B its identity certificate, a nonce nonce1 (a timestamp), its domain name D_a, the dynamically trusted third party C_a it uses, and the public key of C_a;
Step 2: B verifies the authenticity of A's certificate with the public key of C_a; if the verification fails, the authentication terminates in failure, otherwise B returns nonce1;
Step 3: B interacts with C_a and reads its trust feedback set S_1;
Step 4: B sends A its identity certificate, another nonce nonce2 (a timestamp), its domain name D_b, the dynamically trusted third party C_b it uses, and the public key of C_b;
Step 5: A verifies the authenticity of B's certificate with the public key of C_b; if the verification fails, the authentication terminates in failure, otherwise A returns nonce2;
Step 6: A interacts with C_b and reads its trust feedback set S_2;
Stage 2: confidence computation and decision
(1) From the elements of the trust feedback set S_1 it obtained, B chooses the n most recent results to form an n-ary sequence (t_1, t_2, t_3, ..., t_n), where 0 ≤ t_i ≤ 1; in this way the most recent behaviour of C_a is best reflected in the measurement of its trustworthiness;
(2) According to the values t_i in the n-ary sequence and the purpose of the authentication, B autonomously chooses a decision function from the trust decision library of its domain D_b, for example the averaging method, and computes the current confidence t_a in the cooperating trusted third party C_a;
(3) From the result t_a, B autonomously decides whether to trust the cooperating trusted third party C_a; for example, with a threshold t_0 set to 0.6, if t_a ≥ t_0 then B decides to trust its cooperating trusted third party C_a, otherwise the authentication terminates in failure;
(4) From the elements of the trust feedback set S_2 it obtained, A chooses the n most recent results to form an n-ary sequence (t_1', t_2', t_3', ..., t_n'), where 0 ≤ t_i' ≤ 1;
(5) According to the values t_i' in the n-ary sequence and the purpose of the authentication, A autonomously chooses a decision function from the trust decision library of its domain D_a, for example the averaging method, and computes the current confidence t_b in the cooperating trusted third party C_b;
(6) From the result t_b, A autonomously decides whether to trust the cooperating trusted third party C_b; for example, with another threshold t_0' set to 0.8 (B is the resource provider, so A may choose a higher threshold to guarantee its trustworthiness), if t_b ≥ t_0' then A decides to trust its cooperating trusted third party C_b, otherwise the authentication terminates in failure;
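The trust decision library and the stage 2 decision described in the summary and in steps (1) to (6) above (n most recent feedback values, a chosen decision function, an entity-specific threshold), as an added example in Go that is not part of the patent: it implements the averaging method the text names and, going beyond the page, a stricter function MinFloor. The names Feedback, Seq, RecentN, Decide and TrustDecisionLibrary, and the ordering of reports by a per-third-party sequence number, are assumptions of the example. The constructed set S_1 in main shows why the choice of function matters: with nine normal reports of 0.899 and one special report of 0.001, the mean over n = 10 is 0.8092 and passes even the stricter 0.8 threshold, so a single fraud report is masked by averaging, whereas MinFloor drives the confidence to zero.

```go
package main

import (
	"fmt"
	"sort"
)

// Feedback is one trust value an entity fed back to a dynamically trusted third
// party after an authentication. The page only says "the n most recent results",
// so the ordering is assumed to be a per-third-party sequence number.
type Feedback struct {
	Seq   int
	Value float64 // 0 <= Value <= 1
}

// DecisionFunc maps the n-ary sequence (t_1, ..., t_n) to a confidence in [0, 1].
type DecisionFunc func(seq []float64) float64

// Mean is the averaging method named in the embodiment.
func Mean(seq []float64) (sum float64) {
	for _, t := range seq {
		sum += t
	}
	return sum / float64(len(seq))
}

// MinFloor is an added, stricter function that is not on the page: one report at
// or below floor (such as the special value a deceived entity feeds back) sets
// the confidence to zero; otherwise the mean is returned.
func MinFloor(floor float64) DecisionFunc {
	return func(seq []float64) float64 {
		for _, t := range seq {
			if t <= floor {
				return 0
			}
		}
		return Mean(seq)
	}
}

// TrustDecisionLibrary is the domain's library from which an entity chooses.
var TrustDecisionLibrary = map[string]DecisionFunc{
	"mean":     Mean,
	"minfloor": MinFloor(0.01),
}

// RecentN forms the n-ary sequence from the n most recent reports and rejects
// values outside [0, 1], which would break the contract of every decision function.
func RecentN(set []Feedback, n int) ([]float64, error) {
	if n <= 0 || n > len(set) {
		return nil, fmt.Errorf("need 1..%d results, got n=%d", len(set), n)
	}
	sorted := append([]Feedback(nil), set...)
	sort.Slice(sorted, func(i, j int) bool { return sorted[i].Seq > sorted[j].Seq })
	seq := make([]float64, 0, n)
	for _, f := range sorted[:n] {
		if f.Value < 0 || f.Value > 1 {
			return nil, fmt.Errorf("report %d out of range: %v", f.Seq, f.Value)
		}
		seq = append(seq, f.Value)
	}
	return seq, nil
}

// Decide computes the cooperating third party's current confidence with the
// named function and compares it with the entity's own threshold t0.
func Decide(set []Feedback, n int, fn string, t0 float64) (float64, bool, error) {
	seq, err := RecentN(set, n)
	if err != nil {
		return 0, false, err
	}
	f, ok := TrustDecisionLibrary[fn]
	if !ok {
		return 0, false, fmt.Errorf("unknown decision function %q", fn)
	}
	conf := f(seq)
	return conf, conf >= t0, nil
}

func main() {
	// Constructed feedback set S_1 read from C_a: nine normal reports (0.899) and
	// one special report (0.001) from an entity that believes C_a impersonated it.
	var s1 []Feedback
	for i := 1; i <= 9; i++ {
		s1 = append(s1, Feedback{Seq: i, Value: 0.899})
	}
	s1 = append(s1, Feedback{Seq: 10, Value: 0.001})
	for _, fn := range []string{"mean", "minfloor"} {
		conf, ok, _ := Decide(s1, 10, fn, 0.8)
		fmt.Printf("%-8s t_a=%.4f trusted(t0=0.8)=%v\n", fn, conf, ok) // mean 0.8092 true; minfloor 0 false
	}
}
```

The same set also shows the role of the per-entity threshold: over the five most recent reports the mean is (4 × 0.899 + 0.001)/5 = 0.7194, which passes B's threshold t_0 = 0.6 but not A's threshold t_0' = 0.8, so one feedback set can yield different decisions for the two entities, as the embodiment intends.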
Stage 3: interactive verification of the authentication information
(1) B generates a random number r_b and sends it to A;
(2) A signs it with its private key and returns the result to B;
(3) B recovers a value from the result with A's public key and compares it with the random number r_b; if the two are identical, B believes that the identity certificate held by A is legitimate and valid, otherwise the authentication terminates in failure;
(4) A generates a random number r_a and sends it to B;
(5) B signs it with its private key and returns the result to A;
(6) A recovers a value from the result with B's public key and compares it with the random number r_a; if the two are identical, A believes that the identity certificate held by B is legitimate and valid, otherwise the authentication terminates in failure;
Stage 4: authentication feedback
After A and B each believe that the identity certificate held by the other is legitimate and valid, and the corresponding network service has been fulfilled, A and B give trust feedback to the dynamically trusted third parties C_a and C_b respectively, in order to monitor the behaviour of the dynamically trusted third party each relies on and to keep control over its behaviour after it has issued a valid certificate: if A finds that C_a has impersonated its legitimate user identity, A feeds back a low trust value such as 0.001 to C_a, otherwise a normal value of 0.899; if B finds that C_b has impersonated its legitimate user identity, B feeds back a low trust value such as 0.001 to C_b, otherwise a normal value of 0.899.
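The four stages of the embodiment between A, B, C_a and C_b, as an added example in Go that is not part of the patent. Ed25519 from the Go standard library (crypto/ed25519) stands in for the unspecified public key scheme, signature verification replaces the "recover the value with the public key and compare" wording of stage 3, and stage 2 uses the averaging method with the page's thresholds 0.6 and 0.8 and feedback values 0.899 and 0.001. The types Cert, TTP and Entity, the functions NewTTP, NewEntity, VerifyCert, CheckResponse, Authenticate and Feed, the join date and the 32-byte challenges are assumptions of the example; the nonces nonce1 and nonce2 of stage 1 are omitted. Two points the text leaves implicit are made explicit: a decision is only possible once the feedback set holds at least n reports, and a certificate is checked against the key of the third party that issued it, so that key must itself be obtained authentically (for instance when the verifier contacts C_a in step 3 of stage 1) rather than taken on faith from the counterpart presenting the certificate.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"fmt"
)

// Cert is the embodiment's identity certificate (entity name, domain, public key,
// date of joining the domain) signed by the domain's trusted third party (TTP).
type Cert struct {
	Name, Domain, JoinDate string
	PubKey                 ed25519.PublicKey
	Sig                    []byte
}

// tbs is the to-be-signed encoding; %q quoting keeps the fields unambiguous.
func (c Cert) tbs() []byte {
	return []byte(fmt.Sprintf("%q|%q|%q|%x", c.Name, c.Domain, c.JoinDate, c.PubKey))
}

// TTP is a dynamically trusted third party: its signing key plus the feedback
// set S that entities of the other domain read in stage 1 (steps 3 and 6).
type TTP struct {
	Pub      ed25519.PublicKey
	priv     ed25519.PrivateKey
	Feedback []float64
}

func NewTTP() *TTP {
	pub, priv, _ := ed25519.GenerateKey(rand.Reader)
	return &TTP{Pub: pub, priv: priv}
}

// Entity holds its key pair, its certificate and its stage 2 threshold t0.
type Entity struct {
	priv ed25519.PrivateKey
	Cert Cert
	T0   float64
}

// NewEntity is stage 1, steps (1) and (2): the entity generates a key pair and
// submits an unsigned certificate that its domain's TTP signs. The page leaves
// the TTP's check of the submitted data unspecified, so here it only signs.
func NewEntity(name, domain string, ttp *TTP, t0 float64) *Entity {
	pub, priv, _ := ed25519.GenerateKey(rand.Reader)
	c := Cert{Name: name, Domain: domain, JoinDate: "2008-01-01", PubKey: pub}
	c.Sig = ed25519.Sign(ttp.priv, c.tbs())
	return &Entity{priv: priv, Cert: c, T0: t0}
}

// VerifyCert is stage 1, steps 2 and 5: the certificate is checked with the
// public key of the issuing TTP, which must itself be authentic.
func VerifyCert(ttpPub ed25519.PublicKey, c Cert) bool {
	return ed25519.Verify(ttpPub, c.tbs(), c.Sig)
}

// CheckResponse is the verifier's side of stage 3: the signature over its random
// challenge is checked with the key in the prover's certificate.
func CheckResponse(c Cert, r, sig []byte) bool { return ed25519.Verify(c.PubKey, r, sig) }

// mean is the averaging method of stage 2 over the n-ary sequence.
func mean(seq []float64) (sum float64) {
	for _, t := range seq {
		sum += t
	}
	return sum / float64(len(seq))
}

// Authenticate runs stages 1-3 between requester a (TTP ca) and provider b
// (TTP cb) with the n most recent reports, and names the stage it stopped at.
func Authenticate(a, b *Entity, ca, cb *TTP, n int) (string, error) {
	if !VerifyCert(ca.Pub, a.Cert) || !VerifyCert(cb.Pub, b.Cert) {
		return "stage1", fmt.Errorf("certificate verification failed")
	}
	if n <= 0 || n > len(ca.Feedback) || n > len(cb.Feedback) {
		return "stage2", fmt.Errorf("feedback sets too small for n=%d", n)
	}
	tA := mean(ca.Feedback[len(ca.Feedback)-n:]) // B judges C_a from S_1
	tB := mean(cb.Feedback[len(cb.Feedback)-n:]) // A judges C_b from S_2
	if tA < b.T0 || tB < a.T0 {
		return "stage2", fmt.Errorf("cooperating TTP refused: t_a=%.4f t_b=%.4f", tA, tB)
	}
	rb, ra := make([]byte, 32), make([]byte, 32) // r_b and r_a of stage 3
	rand.Read(rb)
	rand.Read(ra)
	if !CheckResponse(a.Cert, rb, ed25519.Sign(a.priv, rb)) || !CheckResponse(b.Cert, ra, ed25519.Sign(b.priv, ra)) {
		return "stage3", fmt.Errorf("challenge-response failed")
	}
	return "ok", nil
}

// Stage 4 values: the special value for a TTP believed to have impersonated the entity, the normal value otherwise.
const SpecialFeedback, NormalFeedback = 0.001, 0.899

// Feed is stage 4: after the service the entity reports v to its own domain's TTP.
func Feed(ttp *TTP, v float64) { ttp.Feedback = append(ttp.Feedback, v) }

func main() {
	ca, cb := NewTTP(), NewTTP()
	ca.Feedback = []float64{0.899, 0.899, 0.899, 0.899, 0.899} // constructed history of C_a
	cb.Feedback = []float64{0.899, 0.899, 0.899, 0.899, 0.001} // C_b: last report is the special value
	a, b := NewEntity("A", "D_a", ca, 0.8), NewEntity("B", "D_b", cb, 0.6)
	fmt.Println(Authenticate(a, b, ca, cb, 5)) // stage2: t_b=0.7194 < A's t0 of 0.8
}
```

With five normal reports in each feedback set, Authenticate returns "ok". Once B has reported SpecialFeedback to C_b, the mean of C_b's five most recent reports is (4 × 0.899 + 0.001)/5 = 0.7194, below A's threshold of 0.8, so the run stops at stage 2 even though B's own threshold of 0.6 would still have accepted that value; this is the failure mode that the summary says other identity authentication schemes lack.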