Netinfo Security ›› 2016, Vol. 16 ›› Issue (5): 37-43.doi: 10.3969/j.issn.1671-1122.2016.05.006

• Orginal Article • Previous Articles     Next Articles

Research on Authentication Scheme of Cryptographic Service System Based on Service Architecture

Weiwei YE1(), Qingyu OU1, Xiaowu BAI2   

  1. 1.Department of Information Security, Naval University of Engineering, Wuhan Hubei 430033, China
    2.Xiangyang Municipal Public Security Bureau, Xiangyang Hubei 441021, China
  • Received:2016-04-06 Online:2016-05-20 Published:2020-05-13

Abstract:

Traditional cryptographic service system is a “chimney” type structure, resulting in the encrypted communication difficulties between different departments, and information resources are difficult to share. This paper proposed oriented service architecture of cryptographic service system, and it realizes the interconnection and interoperability. This paper proposes an authentication scheme, which can enhance the security of the system. The efficiency of existing PKI public key certificate validation is low, the establishment of inter domain trust path is complex and too long trust path lead to cross domain authentication efficiency lower. Based on XKMS domain trust building methods, this paper establish direct trust relationship between any two of the IDP, and it can reduce the complexity and length of trust path construction, retain the advantage of PKI system, simplify the system interaction process, and improve cross domain authentication efficiency. Compared with the existing schemes, it can improve the efficiency of the authentication.

Key words: service oriented architecture, authentication scheme, cipher service, cross-domain authentication.

CLC Number: