Research And Design Of User Authentication Service System Based On The Identity-based Cryptography In Cloud Computing

In cloud computing environment, the visits between users who belong to different services provider and private cloud become more complex, this also make it difficult for the users to use different cloud services. Unified identity authentication can meet cloud identity management, streamline the authentication process, bring a better user experience and many other certification requirements. At the same time because of the complexity of the authentication system, openness and compatibility of higher requirements, there are more ordeals of security in hybrid cloud environment.Firstly, we analyzed the goals of authentication scheme based on Identity-Based Cryptography(IBC) in cloud computing environment. Aiming at the security goals we have designed an identity based cryptosystem authentication model, which through the PKI technology establish a reliable trust relationship between each cloud servers, in order to ensure public parameters safely transmited in the process of transfer system, we can build a strong scalability, dynamic service composition, ease of use higher certification service system. Based on id cryptosystem can be identification of the entity or any other public information as the user’s public key, so as to solve the public key cryptosystems of PKI public key certificate management of the high complexity of the problem, no longer need to rely on a digital certificate to verify the public key, greatly reduce the complexity of public key cryptography system, avoid the PKI system caused by the CA digital certificate issued certificates are stored, distribution and cancellation, etc. Complex key management work in PKI system, the application of the IBC system and combining the management of the digital certificate can be greatly simplified.Then we studied the detailed process of design and application by IBC of the certification scheme. In cloud computing environment, the key problems need to be solved surrounding the actual needs of the IBC authentication model,we have designed a domain based on the IBC parameters between transfer protocol, and achieved the safety of the system parameters through cross-domain authentication sharing, and analyzed the security performance of the scheme has been proved that the IBC is theoretically proved that the cloud computing environment certification model provides the feasibility of certification services.Finally we improved the private key of the IBC domain suspension mechanism, analyzed the certificate revocation mechanism in the PKI system. Certificate revocation mechanism and the private key revocation problem in IBC have similarities. We analyzes two secret-key revocation scheme based on IBC. By introducing a third party entity in the system to design the cancellation and update of the private key, and prove the scheme is Chosen-plaintext Attack safety.