以大型销售MIS的数据安全问题为例,提出以终端ID号、钥匙盘ID号和终端用户样本指纹绑定为一体的身份认证方案.该方案采用软硬件协同工作方式,克服了传统身份认证模式或安全性能低,或运算成本高等缺陷,提高了认证效率,并保证了合法用户操作的唯一性和认证过程的不可抵赖性.提出的基于ECC与一维混沌加密算法优点相结合的混合加密方案,使基于互联网传送的数据安全性有了实质性提高.基于分治叠加法的大整数计算成果运用,克服了计算机精度域的限制,使密钥空间从理论上趋向于无穷大.试验结果表明,基于混合加密算法的数据安全方案具有良好的抗穷举攻击和抗差分攻击能力.该项研究为解决各类MIS的数据安全问题提供了重要策略,意义重大.%Take data security issues in a large MIS as example, the paper proposes an authentication scheme that bundles terminal ID number, key disk ID number and end user fingerprint samples together. The scheme adopts hardware and software collaborative work pattern to overcome defects in the traditional authentication mode like low safety performance or costly computation etc. , improve the certification efficiency and ensure the uniqueness of legitimate users and the non-repudiation of the authentication process. The proposed mixed cipher algorithm scheme based on the combination of ECC and one-dimensional chaotic encryption algorithm substantially improves the security of Internet-based data transmission. Another case that uses large integer calculation results based on superposition method has overcome the limitation by computer precision field in order to theoretically extend the key space towards infinity. Experiment results show that the data security scheme based on mixed cipher algorithm bears good resistance against brute-force attacks and anti-differential attacks. The study provides an important strategy to solve data security problems for various types of MIS.
展开▼
