作者投稿和查稿 主编审稿 专家审稿 编委审稿 远程编辑

计算机工程 ›› 2012, Vol. 38 ›› Issue (3): 119-120,123. doi: 10.3969/j.issn.1000-3428.2012.03.040

• 安全技术 • 上一篇    下一篇

一种通用的身份模型及其构建流程

曹 源,杨 林,付宗波,喻 波,徐小青   

  1. (国防科学技术大学计算机学院,长沙 410072)
  • 收稿日期:2011-05-17 出版日期:2012-02-05 发布日期:2012-02-05
  • 作者简介:曹 源(1985-),男,博士研究生,主研方向:可信计算,信息安全;杨 林,研究员、博士生导师;付宗波、喻 波,博士研究生;徐小青,硕士研究生

General Identity Model and Its Construction Process

CAO Yuan, YANG Lin, FU Zong-bo, YU Bo, XU Xiao-qing   

  1. (School of Computer, National University of Defense Technology, Changsha 410072, China)
  • Received:2011-05-17 Online:2012-02-05 Published:2012-02-05

摘要: 针对身份管理系统的功能需求以及不同身份管理系统间的融合需求,提出一种通用的身份模型。该模型由用户全局身份标识、本地身份标识、临时身份标识、访问信息组、用户凭证组、用户属性组、可信域组所组成。在此基础上,给出该模型的分阶段构建流程,完成属性和凭证信息的搜集工作以及可信域和访问信息的更新工作。应用结果表明,该模型对现有身份管理系统的融合、身份保护等功能提供了技术支持。

关键词: 通用身份模型, 身份管理, 构建流程, 信任代理

Abstract: Aiming to satisfy identity management function requirements such as federal cross domain access, trust delegation and privacy protection, and the requirements of integration among different identity management systems, it proposes a general identity model in this paper. These models consist of global identifier, local identifier, temp identifier, access information set, credential set, attribute set and trusted domain set. Then the construction process of this model which includes two stages is shown, the collection of attributes and credentials, the update of trusted domains and access information is finished during these two stages. Application result shows that this model provides good support for current identity management systems to implement integration and identity protection.

Key words: general identity model, identity management, construction process, trust agency

中图分类号: