摘要:
针对现有安全认证协议中存在无数学模型、层次结构不清晰、适用范围窄的问题,提出协议组合推导系统。将安全协议按安全目标分为3个层次,第1层是密钥交换与身份认证属性的实现,第2层是效率提升与预防拒绝服务攻击的实现,第3层是安全协议的形式化理论分析与自动化测试工具验证安全协议的安全属性。仿真结果表明,该系统可实现安全协议的形式化设计,并可根据需要予以扩充。
关键词:
安全认证,
形式化设计,
协议组合推导系统
Abstract:
Aiming at the problem of lacking mathematics model, level structure no clarity and application rang narrow in security authentication protocol, this paper presents protocol composition deduction system. It divides the design of security protocols into three levels. The first level is realizing basic key exchange and identity verification, the second level is the efficiency promotion and realization mechanism of defending denial of service attack, the third level is the security analysis of security protocols and verifying the security properties by automatic test tool. Simulation results show that this system can realize formal design for security authentication protocol, and it can be conveniently extended and transplanted according to need.
Key words:
security authentication,
formal design,
Protocol Composition Deduction System(PCDS) security authentication,
formal design,
Protocol Composition Deduction System(PCDS)
中图分类号:
王惠斌, 祝跃飞. 安全认证中的协议组合推导系统[J]. 计算机工程, 2010, 36(11): 5-7,10.
WANG Hui-bin1,2, ZHU Yue-fei1. Protocol Composition Deduction System in Security Authentication[J]. Computer Engineering, 2010, 36(11): 5-7,10.