入侵容忍技术在身份认证系统中的应用
Application of Intrusion Tolerant Techniques to Authentication System
-
摘要: 结合SITAR分布式入侵容忍体系结构和ITPAS密码认证体系统的特点,提出了一个具有入侵容忍功能的分布式密码认证系统模型,并在设计中考虑了冗余、多样性、代理、共享秘密和分布式入侵检测等技术,以求解决认证服务的入侵容忍问题和密码数据库的防字典攻击问题。Abstract: In combination with a scalable intrusion tolerance architecture for distributed service (SITAR) and intrusion tolerant password authentication system(ITPAS), this paper describes an architecture of distributed password authentication system which is intrusion tolerant. Intrusion tolerance and prevention of dictionary attacks are realized by means of redundancy, diversity, proxy, secret sharing, and distributed intrusion detection techniques.