| With the development of Internet technology with cloud computing, big data as the core, traditional information system and Internet application system are gradually merging. Under the influence of the concept, Software as a Service, the background of information system is transplanted to cloud computing environment. As a result, it can make full use of the advantages of cloud computing technology to complete the multifarious work such as construction,service and maintenance of information system. The user can get efficient service through Web information system conveniently. In cloud computing, however,under the concept of "resource sharing, demand assignment", information system will be deployed in a distributed environment. Therefore, it's important security research direction to ensure the security of cloud architecture information system,especially the trust certification relationship between system and client and each physical independent unit of the distributed information system, to ensure reliable identity among the entities.This paper selects the application information system built on Hadoop platform as the research object, researches and designs its identity authentication scheme combined with PKI(public key infrastructure) technology, which is implemented. At the same time, it improves the parallel implementation of RSA encryption/decryption process under PKI. The main research contents are as follows:First of all, it researches and analyzes the algorithm principle of RSA.Aiming at low efficiency of power modular arithmetic of big integer in the process of encryption/decryption, it puts forward multi-threading RSA encryption/decryption process by parallel power modular arithmetic under binary serialization.Secondly, it researches Kerberos identity authentication mechanism underHadoop platform. Aiming at the security issues like time synchronization, KDC security and denial mechanism in identity authentication, to put forward solution of Hadoop identity authentication based on PKI. It is designed and implemented from PKI client/server, entity initialization of authentication server and distributed individual authentication protocol.Finally, to simulate parallel RSA encryption/decryption process by multithreading processor. The results show that the improved algorithm has increased by 17% in time compared with the original algorithm. It verifies the feasibility of PKI identity authentication from cluster expansion, reading and writing of client through the experiment platform of Hadoop application information system. Time contrast experiment of the two authentication scheme,PKI and Kerberos, shows that the time efficiency of PKI authentication is higher. |
PDF Full Text Request