Trusted Computing Platform Application In Authentication And Authorization System

With the continuous advancement of information construction of large enterprises and institutions,the business systems of different developers,different time,different functions,different systems framework have been developed and put into use.Each business system has its own authentication mechanism,user data format and management mode.In order to solve the problem of save the key,system management wedding,and poor scalability,unified authentication and authorization management is a popular solution.However,due to the increase of network threats and the surge in users,the implementation of unified authentication and authorization management makes the system security and efficiency face more severe challenges.Trusted Computing Platform has provided the basic hardware support for solving the security problem of the unified authentication and authorization system,but it also limits the system's authentication efficiency.Therefore,it is urgent to design a trusted computing platform for the authentication and authorization management system,to implement a unified authentication and authorization management,and to ensure the system security and simultaneously take into account the authentication efficiency.In this paper,we study the trusted computing platform and the authentication and authorization management technology.For both at home and abroad focuses on the research of trusted computing platform itself,and rarely combine the trusted computing platform with the authentication and authorization system,to solve authentication and authorization system in the presence of terminal security flaws and low authentication efficiency.This paper mainly includes the research and implementation of six functional modules,which are authentication and authorization client module,authentication and authorization client proxy module,authentication and authorization service interface module,authentication and authorization service proxy module,certificate server proxy module,certificate server client module.The main results of this paper are as follows:(1)Design a trusted measurement algorithm.Considering the influence of user identity credibility,platform state credibility and historical access record,the trusted computing platform is designed based on trusted computing platform,which can reflect the real situation of the users and provide support for the design of dynamic authentication protocol.(2)Design an authentication protocol based on trusted computing platform.Based on the algorithm of the reliability,the paper designs a dynamic authentication protocol based on trusted computing platform,and applies it to the authentication process of the authentication and authorization system,and effectively improves the system authentication efficiency.After testing,in the user access records meet certain conditions,the certification efficiency increased by 36.4%.(3)Design and implementation of the unified authentication management functions,authorization management functions,certificate management functions under the trusted computing platform,the integration of different business systems,the implementation of unified authentication and authorization management,improve the work efficiency.