摘要:
高可信性是下一代互联网的重要特征,主要包括服务提供者可信、信息传输可信和终端用户可信,其中服务提供者的身份可信是构建可信网络的前提。为此,提出一种网站身份可信标识的体系结构,描述基于域名资源记录的网站可信标识查验协议。通过该协议,用户可在各种互联网应用中方便地查询服务提供者的身份信息。实验结果表明,该体系结构与相关查询协议在效率、易用性、可扩展性等方面均可满足实际应用需要,单机查询性能达到15万次/s。
关键词:
可信网络,
可信标识,
域名服务器,
资源记录,
数字证书,
签名
Abstract:
High reliability is an important characteristic of Next Generation Internet(NGI). The Internet is on the way to trusted network. The trusted network includes the trust of service providers, the trust of the network information transmission and the trust of end-users. The identity trust of service providers is the important base of the trusted network. Aiming at this problem, this paper describes a technical architecture of a website trusted service and explains the Domain Name Server(DNS)-based check protocol in details. By the check service, users can get the Internet service provider’s information conveniently from Internet applications. Experimental results show that this architecture and the related check protocol can meet the needs of the practical application in terms of efficiency, usability, scalability, etc. The check performance of one machine can reach 150 000 times per second.
Key words:
trusted network,
trusted identification,
Domain Name Server(DNS),
resource record,
digital certificate,
signature
中图分类号:
卢文哲,杨风雷,高宁,毛伟. 网站可信标识架构与查验协议研究?[J]. 计算机工程.
LU Wen-zhe, YANG Feng-lei, GAO Ning, MAO Wei. Research on Trusted Website Identification Architecture and Check Protocol[J]. Computer Engineering.