作者投稿和查稿 主编审稿 专家审稿 编委审稿 远程编辑

计算机工程 ›› 2008, Vol. 34 ›› Issue (2): 28-30. doi: 10.3969/j.issn.1000-3428.2008.02.010

• 博士论文 • 上一篇    下一篇

有限授权密码机制

詹 涛1,周兴社1,廖志刚2   

  1. (1. 西北工业大学计算机学院,西安 710072;2. 西安交通大学计算机系统结构与网络研究所,西安 710049)
  • 收稿日期:1900-01-01 修回日期:1900-01-01 出版日期:2008-01-20 发布日期:2008-01-20

Limited Authorization Password Mechanism

ZHAN Tao1, ZHOU Xing-she1, LIAO Zhi-gang2   

  1. (1. Dept. of Computer, Northwest Polytechnical University, Xi’an 710072; 2. Institute of Computer Architecture & Network, Xi’an Jiaotong University, Xi’an 710049)
  • Received:1900-01-01 Revised:1900-01-01 Online:2008-01-20 Published:2008-01-20

摘要: 提出一种基于摘要机制的有限授权密码机制,使得用户可以在不泄漏密码本身的情况下允许其他用户临时拥有访问系统的权力。该机制可以抵抗密码分析攻击、字典攻击和强力破解攻击,具有较强的安全性,也可以扩展用来限制访问次数和访问权限,具有较强的实用性。该文同时给出了一个基于Java实现的原型系统。

关键词: 计算机安全, 有限授权密码, 访问控制

Abstract: A password mechanism based on digest technology is introduced, which allows one granting his right to a temporary user with limited times and access. The mechanism can keep it off analysis attack, dictionary based attack and brute-force attack, and it is easy to extend to limit access count and authorization. A Java prototype system is also introduced.

Key words: computer security, limited authorization password, access control

中图分类号: