Journal of Information Security Research ›› 2019, Vol. 5 ›› Issue (3): 253-256.
Previous Articles Next Articles
Received:
Online:
Published:
蔡友保,冯暄,陈翼,王斯梁
通讯作者:
作者简介:
Abstract: Comparing with traditional IT system, cloud computing presented the new characteristics of virtualization, multiuser, distributed and so on. Most existing authentication mode such as “userid+password” faced the risks such as fraudulent use and maninthemiddle attacks in the high security field. In view of this, this paper proposed a solution for implementing cloud identity authentication in a high security environment. The USBKey is used in the cloud terminal, and the twofactor strong identity authentication is realized by utilizing the “USBKey+PIN code”, and it is combined with the digital certificate technology to enhance the existing remote desktop protocol (RDP). The USBKey is safely mapped onto the virtual desktop to estabilsh a secure connection channel. and the strong identity authentication for the user to log into the cloud server is realized. This solution issuccessfully applied to our science and technology Big Data platform of our college, and achieved good results.
Key words: cloud computing, USBKey, remote desktop protocol (RDP), VDI, authentication solution
摘要: 云计算环境相对于传统的IT系统具有虚拟化、多用户、分布式等新特征,现有基于“用户名+口令”的认证方式在高安全领域存在诸如易冒用和中间人攻击等风险.有鉴于此,本文提出一种在高安全环境下实现云身份认证的解决方案,在云终端中使用USBKey,利用“USBKey+PIN码”的方式实现双因子强身份认证,并结合数字证书技术,对现有远程桌面协议进行安全增强,将云终端的USBKey设备安全可控地映射至虚拟桌面中,建立虚拟桌面连接安全通道,实现用户登录云服务器强身份认证.本方案已应用到我院科技大数据平台研发中,取得较好的效果.
关键词: 云计算, USBKey, 远程桌面协议, 虚拟桌面, 身份认证方案
蔡友保 冯暄 陈翼 王斯梁. 一种安全增强型云计算身份认证方案[J]. 信息安全研究, 2019, 5(3): 253-256.
0 / / Recommend
Add to citation manager EndNote|Ris|BibTeX
URL: http://www.sicris.cn/EN/
http://www.sicris.cn/EN/Y2019/V5/I3/253