摘要： 提出一种基于数字签名算法(DSA)的一次性有限授权密码机制。在该机制下，密码拥有者可以在不泄露密码、不访问系统的情况下赋予其他用户临时访问系统的权利，并对访问过程的时间长度和次数具有高度自由的分配和监控能力。该机制在求解离散对数困难性的基础上生成安全性较高的有限授权密码，能有效地防止授权密码被伪造和重复使用，具有较强的实用价值。

关键词: 数字签名算法, 有限授权密码, 访问控制, 防伪造

Abstract: This paper introduces a one-time limited authorization password mechanism based on DSA, which allows password-owner to grant his right to a temporary user without releasing original password and limit the access time and frequency with a high degree of freedom and oversee the access behavior. Based on the difficulty of computing discrete logarithms, the mechanism which has highly practical valuable, can generate limited authorization password safely without being forged or re-used effectively.

Key words: Digital Signature Algorithm(DSA), limited authorization password, access control, nonforgeability

中图分类号: 

• TP309.7