• 中国计算机学会会刊
  • 中国科技核心期刊
  • 中文核心期刊

J4 ›› 2006, Vol. 28 ›› Issue (8): 34-35.

• 论文 • 上一篇    下一篇

基于主动秘密共享的Web容侵策略研究

李庆华[1] 姚静[1,2] 赵峰[1,2]   

  • 出版日期:2006-08-01 发布日期:2010-05-20

  • Online:2006-08-01 Published:2010-05-20

摘要:

在基于传统秘密共享的Web服务中,入侵者可长时间攻击,降低了系统的可靠性,不再适用。本文提出了一种基于主动秘密共享的Web服务器入侵容忍方案,并给出了改进可验 证秘密共享方案后的影子产生算法和更新算法。该方案在不改变共享Web服务器私钥的情况下,周期性地更新私钥影子并且销毁原来的影子值,使得入侵者的可利用时间缩短
在一个周期内,从而保证Web私钥的长期安全性。

关键词: 入侵容忍 主动秘密共享 Web安全

Abstract:

The Web server scheme based on traditional secret shanng is not applicable because the adversary has so much time to mount attacks that this will reduce the dependability. This paper presents a Web server system based on proactive secret sharing, and provides share initialization and renewal algorithm s with an improved verifiable secret sharing scheme. This system proposes an effective scheme maintaining the long-time security of Web server private k eys, where shares are periodically renewed without changing the shared key and previous shares are all erased in such a way that the available time for   the adversary will be reduced to a single time period

Key words: intrusion tolerance, proactive secret sharing, Web security