关键词: 入侵容忍 主动秘密共享 Web安全

Abstract:

The Web server scheme based on traditional secret shanng is not applicable because the adversary has so much time to mount attacks that this will reduce the dependability. This paper presents a Web server system based on proactive secret sharing, and provides share initialization and renewal algorithm s with an improved verifiable secret sharing scheme. This system proposes an effective scheme maintaining the long-time security of Web server private k eys, where shares are periodically renewed without changing the shared key and previous shares are all erased in such a way that the available time for   the adversary will be reduced to a single time period

Key words: intrusion tolerance, proactive secret sharing, Web security