| As a rapidly developing network information technology,cloud environment has been widely applied.Users can obtain cloud computing services flexibly according to their own needs.However,with the application of cloud computing in People's Daily life,it also brings many new security challenges.How to solve the security threats encountered by users in the process of using cloud computing services has become a key issue that urgently needs to be solved in the current cloud environment.This paper focuses on the following aspects of cross-domain authentication for users in the cloud environment with access to different security domains:(1)Proposed a cross-domain authentication scheme based on heterogeneous systems in the cloud environmentIn-depth analysis of the current system structure and interaction of the cloud,in a cloud environment cross-domain authentication scheme between different authentication system cannot meet the safety requirements cross-realm authentication,put forward two mainstream in a cloud environment certification system(Public Key Infrastructure(PKI)and no certificate of public key cryptosystem)between cross-domain security authentication scheme.The trust domain users of different authentication systems are anonymous,and the anonymous identity is controlled and tracked in real time.In addition,two-way authentication is conducted between users and cloud service providers.In the process of two-way authentication,session negotiation parameters are determined and anonymous access identities are signed between different cryptographic systems.The analysis results show that the scheme can fulfill the requirement of cross-domain authentication among different cryptographic schemes,has high security and reduces the computational cost.(2)An efficient cross-domain authentication protocol for hybrid cryptography in cloud environment is proposed.In the current cloud environment,users need to re-access authentication when they need to access other cloud services while accessing cloud services for the first time across domains.A cross-domain control scheme based on mixed cipher system is proposed.In this scheme,CA is used as the common cross-domain authentication center for users of different authentication systems to authenticate foreign visitors and assign them common cross-domain identity and identity control labels according to the authentication results.It not only realizes the mutual access between different password systems,but also completes the real-time control of users according to the issued identity control label.Once the malicious user is found,it will revoke the user's common cross-domain identity,and mark the malicious user's real name identity.The analysis results show that the new scheme not only satisfies the requirements of non-forgery and high security,but also reduces the computational cost.(3)Put forward a cross-domain authentication identity management framework in the cloud environment.This paper studies the identity management technology in the current cloud environment,and proposes a cross-domain authentication identity management framework for heterogeneous systems in the face of the problems of identity differences between different security domains,the difficulty in trying to exert the trust relationship between different security domains,and the difficulty in evaluating the trust degree.The common cross-domain identity is provided for the mainstream authentication systems PKI,cl-pkc and IBC respectively,which solves the problem that it is difficult to establish trust between security domains of different identity forms. |
PDF Full Text Request