论文部分内容阅读
文章提出了一种基于PKI的网络安全模型,旨在为网络服务提供有效认证、访问控制、授权、传输机密性、不可否认性等安全机制。该模型在 PKI的基础上,结合了 Kerberos的优势,并扩展了其机制中服务票据的思想,提出了由授权服务器签名的授权证书的概念,以保证自治式与集中式访问控制相结合的安全管理模式。
This paper presents a PKI-based network security model that aims to provide network services with effective authentication, access control, authorization, transmission confidentiality, non-repudiation and other security mechanisms. Based on PKI, this model combines the advantages of Kerberos and extends the idea of service tickets in its mechanism. The concept of authorization certificate signed by authorization server is proposed to ensure the security of autonomous and centralized access control Management mode.