[1]陈艺琳,左黎明,郝 恬,等.基于 SM2 和 OAuth2. 0 的强安全身份认证方案[J].计算机技术与发展,2023,33(07):126-131.[doi:10. 3969 / j. issn. 1673-629X. 2023. 07. 019]
 CHEN Yi-lin,ZUO Li-ming,HAO Tian,et al.Strong Security Authentication Scheme Based on SM2 and OAuth2. 0[J].,2023,33(07):126-131.[doi:10. 3969 / j. issn. 1673-629X. 2023. 07. 019]
点击复制

基于 SM2 和 OAuth2. 0 的强安全身份认证方案()
分享到:

《计算机技术与发展》[ISSN:1006-6977/CN:61-1281/TN]

卷:
33
期数:
2023年07期
页码:
126-131
栏目:
网络空间安全
出版日期:
2023-07-10

文章信息/Info

Title:
Strong Security Authentication Scheme Based on SM2 and OAuth2. 0
文章编号:
1673-629X(2023)07-0126-06
作者:
陈艺琳左黎明郝 恬罗娇燕
华东交通大学 理学院,江西 南昌 330013
Author(s):
CHEN Yi-linZUO Li-mingHAO TianLUO Jiao-yan
School of Science,East China Jiaotong University,Nanchang 330013,China
关键词:
OAuth2. 0 协议SM2数字签名身份认证授权
Keywords:
OAuth2. 0 protocolSM2digital signatureauthenticationauthorization
分类号:
TP309. 7
DOI:
10. 3969 / j. issn. 1673-629X. 2023. 07. 019
摘要:
在网络技术广泛应用的时代,网络安全问题的重要性越来越显著,同时网络安全问题也越来越突出。 身份认证技术是确保网络安全的重要手段。 在 API(Application Programming Interface) 控制访问中,OAuth2. 0 协议兼具用户资源授权和委托访问控制方法,在国内外各大互联网厂商中应用较广。 但是由于开发者未能严格遵守 OAuth2. 0 协议的规范,导致数据来源不可靠性问题层出不穷。 国密 SM2 数字签名算法是国内自主研发的基于 ECC 国际标准的改进算法,改进了明文编码问题并且具有更高的计算效率。 为解决 API 身份认证技术中存在的安全问题,提出一种基于 OAuth2. 0 的强安全身份认证方案,在其协议设计中使用了国密 SM2 数字签名,在无需密码的情况下完成第三方授权及认证,实现对受保护资源的授权和控制访问。 结果表明,方案在保留了传统身份认证方案所具有的安全性的同时,兼具了抗重放攻击、防中间人攻击和抗伪造性的特点,且数据交互效率没有明显降低。
Abstract:
In the era of widespread network technology,the importance of network security issues is becoming more and more significant,while network security issues are also becoming more and more prominent. Authentication technology is an important means to ensurenetwork security. In the API ( Application Programming Interface ) control access, OAuth2. 0 protocol has both user resourceauthorization and delegated access control methods,which are widely used in major Internet vendors at home and abroad. However,dueto the failure of developers to strictly comply with the specifications of OAuth2. 0 protocol,the problem of unreliability of data sourceshas emerged one after another. The SM2 digital signature algorithm is an improved algorithm based on the ECC international standard developed by China,which improves the plaintext encoding problem and has higher computational efficiency. In order to solve the securityproblems in API authentication technology,we propose a strong security authentication scheme based on OAuth2. 0,which uses SM2 digital signature in its protocol design to complete third - party authorization and authentication without passwords, and realize theauthorization and control access to protected resources. The results show that the scheme retains the security of traditional authenticationschemes while combining resistance to replay attacks,man-in-the-middle attacks,and forgery resistance,with no significant reduction indata interaction efficiency.
更新日期/Last Update: 2023-07-10