出版时间:2011-6 出版社:南相浩 电子工业出版社 (2011-06出版) 作者:南相浩 页数:284
内容概要
《标识鉴别:网际安全技术基础》讨论了未来“网际安全”的关键技术――基于标识鉴别的可信系统,也讨论了与此相关的自证性公钥体制、信任逻辑,以及信任逻辑在可信接入、可信计算、可信交易、可信物流。网络管理中的应用,以及在互联网和物联网构成的网际空间中建立互信的基本技术,也讨论了新一代信息安全的概念和下一代绿色网络安全的发展方向
书籍目录
ContentsPart OneAuthentication TechnologyChapter 1Basic Concepts11Physical World and Digital World12A World with Order and without Order 13Selfassured Proof and 3rd Party Proof14Certification Chain and Trust Chain15Centralized and Decentralized Management 16Physical Signature and Digital SignatureChapter 2Authentication Logics21Belief Logic211The Model 212The Formulae213The Characteristics of Belief Logic22Trust Logic221Direct Trust222Axiomatic Trust223Inference Trust224Behavior Based Trust225Characteristics of Trust Logic23Truth Logic231The Needs of Truth Logic232Entity Authenticity233The Characteristics of Truth Logic24Authentication Protocols241Standard Protocol242CPK Protocol25Authentication Systems251PKI Certification System252CPK Authentication SystemChapter 3Identity Authentication31Communication Identity Authentication32Software Identity Authentication33Electronic Tag Authentication34Network Management35Holistic Security Part TwoCryptosystemsChapter 4Combined Public Key (v60)41Introduction42Mapping Function43Computation of Keys431Computation of IdentityKey432Computation of Separatingkey433Computation of Generalkey434Computation of Districtkey44Digital Signature and Key Delivery441Digital Signature442Key Delivery45SecurityConclusionChapter 5Cryptosystem and Authentication51New Requirements for Cryptosystem52Development of Cryptosystems53Identity Authentication Schemes531Identity Authentication with IBC532Identity Authentication with CPK533Identity Authentication with PKI534Identity Authentication with IBRSA535Identity Authentication with mRSA536Comparison of Schemes54Key Delivery Schemes541IBE Key Delivery542CPK Key Delivery543Other Key Delivery Schemes544Performance Comparison55Related Discussions551Discussion on Trust Root552Discussion on Quantum AttackChapter 6Bytes Encryption61Coding Structure611Permutation Table (disk)612Substitution Table (subst)613Key Structure62Working Flow621Given Conditions622Key Derivation623Data Expansion624Compound of Data and Key625Left Shift Accumulation626Permutation627Right Shift Accumulation628Data Concentration629Single Substitution6210Compound of Data and Key63Security AnalysisPart ThreeCPK SystemChapter 7CPK Key Management71CPK Key Distribution711Authentication Network712Communication Key713Classification of Keys72CPK Signature721Digital Signature and Verification722Signature Format73CPK Key Delivery74CPK Data Encryption75Key Protection751Password Verification752Password ChangeChapter 8CPKchip Design81Background82Main Technology83Chip Structure84Main Functions841Digital Signature842Data EncryptionChapter 9CPK IDcard91Background92IDcard Structure921The Part of Main Body922The Part of Variables93IDcard Data Format94IDcard Management941Administrative Organization942Application for IDcard943Registration Department944Production Department945Issuing DepartmentPart FourCode AuthenticationChapter 10Software ID Authentication101Technical Background102Main Technology103Signing Module104Verifying Module105The Feature of Code SigningChapter 11Windows Code Authentication111Introduction112PE File113Minifilter1131NT I/O Subsystem1132File Filter Driving1133Minifilter114Code Authentication of Windows1141The System Framework1142Characteristics Collecting115ConclusionChapter 12Linux Code Authentication121General Description122ELF File123Linux Security Module (LSM) Framework124ImplementationPart FiveCommunication AuthenticationChapter 13Phone Authentication131Main Technologies132Connecting Procedure133Data Encryption 134Data Decryption Chapter 14SSL Communication Authentication141Layers of Communication142Secure Socket Layer (SSL)143Authenticated Socket Layer (ASL)144TSL Working Principle 145ASL Address Authentication 146ComparisonChapter 15Router Communication Authentication151Principle of Router 152Requirements of Authenticated Connection153Fundamental Technology154Origin Address Authentication155Encryption Function1551Encryption Process1552Decryption Process156Requirement of Header Format 157Computing Environment1571Evidence of Software Code1572Authentication of Software CodeConclusionPart SixeCommerce AuthenticationChapter 16eBank Authentication161Background 162Counter Business 163Business Layer 164Basic Technology 165Business at ATM166Communication Between ATM and Portal167The Advantages Chapter 17eBill Authentication171Bill Authentication Network172Main Technologies173Application for Bills174Circulation of Bills175Verification of CheckPart SevenLogistics AuthenticationChapter 18eTag Authentication181Background182Main Technology183Embodiment (Ⅰ)184Embodiment (Ⅱ)Chapter 19eWallet Authentication191Two Kinds of Authentication Concept192System Configuration193Tag Structure1931Structure of Data Region1932Structure of Control Region194Tag Data Generation and Authentication1941KMC1942Enterprise 1943Writer and Reader195Protocol Design196ConclusionPart EightStored File AuthenticationChapter 20Storage Authentication201Security Requirements202Basic Technology203File Uploading Protocol204File Downloading Protocol205Data Storing2051Establishment of Key File2052Storage of Key File2053Documental Database Encryption 2054Relational Database EncryptionChapter 21Secure File Box211Background212System Framework213Features of the System214System Implementation·ⅩⅦ·Chapter 22Classification Seal Authentication221Background Technology222Main Technologies223Working Flow 224Embodiment225ExplanationPart NineMoving Data AuthenticationChapter 23eMail Authentication231Main Technologies232Sending Process 233Receiving ProcessChapter 24Digital Right Authentication241Technical Background242Main Technologies243Manufacturer′s Digital Right 244Enterprise′s Right of Operation245Client′s Right of Usage Part TenNetwork AuthenticationChapter 25Pass Authentication251Background 252Working Principles 253The Diagram of Gateguard254Gateguard for Individual PC 255Guarding Policy·ⅩⅧ·Chapter 26Address Authentication261Background 262Main Problems 263Technical Approach 2631CPK Cryptosystem2632New Routing Protocol2633Computing Environment264New Prototype of Router PostscriptNew Trend of Information SecurityAppendices ·ⅩⅦ·Appendix AWalk Out of Mysterious "Black Chamber"Appendix BIdentity Authentication Opening a New Land for Information SecurityAppendix CSearching for Safe "Silver Bullet"Appendix D"ElectronicID Card" Attracts International AttentionAppendix ECPK System Goes to the WorldAppendix FIdentity Authentication Based on CPK SystemAppendix GCPK CryptosystemReferencesGlossaryTechnical TermsSymbols
编辑推荐
南相浩编著的这本《标识鉴别——网际安全技术基础》讨论了未来“网际安全”的关键技术——基于标识鉴别的可信系统,也讨论了与此相关的自证性公钥体制、信任逻辑,以及信任逻辑在可信接入、可信计算、可信交易、可信物流。网络管理中的应用,以及在互联网和物联网构成的网际空间中建立互信的基本技术,也讨论了新一代信息安全的概念和下一代绿色网络安全的发展方向。
图书封面
评论、评分、阅读与下载