Identification System for Enterprise Users Based on

doi:10.3969/j.issn.1006-2475.2018.03.019

Abstract

Abstract: In order to overcome the disadvantages of login methods of current enterprise information systems on security and flexibility, an identification system for enterprise users based on national commercial cryptographic algorithms and physical un-clone-able function is designed and implemented. The frame of FIDO U2F is used in this system with identity tokens as the second factors in user authentication. Moreover, by using national commercial cryptographic algorithms, autonomous and manageable security is obtained. Thus the system achieves high security and flexibility. The security analysis shows that the system is evidently more secure than current other enterprise identification systems. The experimental results show that the system takes advantage of low overhead and high reliability thus can be implemented in enterprise information systems easily and quickly.

Key words: identification, enterprise information system, physical un-clone-able function, fast identification online, true random number generator, identity token

CLC Number:

TP391

XU Rui1,2, YOU Jia1,2, LIU Kun1,2, MA Feng1,2, DUAN Ke2, ZHONG Yan-tao3. Identification System for Enterprise Users Based on[J]. Computer and Modernization, doi: 10.3969/j.issn.1006-2475.2018.03.019.

References

［1］ Eswaran S, Ashok A, Krishnan R H. Graphical passwords effects of tolerance password, image choice and OTP login security［J］. International Journal of Research and Engineering, 2017,4(1):31-34.
［2］何丽红,汪新国. 基于USB接口的ERP登录系统［J］. 计算机与现代化, 2010(10):177-179.
［3］王中华,韩臻,刘吉强,等. 云环境下基于PTPM和无证书公钥的身份认证方案［J］. 软件学报, 2016,27(6):1523-1537.
［4］ Amin R, Biswas G P. Anonymity preserving secure hash function based authentication scheme for consumer usb mass storage device［C］// The 3rd International Conference on Computer, Communication, Control and Information Technology(C3IT). 2015:121-125.
［5］ Hu Kexin, Zhang Zhenfeng. Security analysis of an attractive online authentication standard: FIDO UAF protocol［J］. China Communication, 2016,13(12):189-198.
［6］郭茂文. 基于FIDO协议的指纹认证方案研究［J］. 广东通信技术, 2016,36(4):2-5.
［7］马敏,吴秋新. 快速身份验证协议概述［J］. 数字技术与应用, 2016(3):211-212.
［8］李梁磊,邵立嵩,王传勇,等. 一种基于FIDO UAF架构的开放授权方案［J］. 信息网络安全, 2017(6):35-42.
［9］ Verheul E R. Practical Backward Unlinkable Revocation in FIDO, German E-ID, Idemix and U-Prove［R/OL］. https://eprint.iacr.org/2016/217.pdf, 2016-12-18.
［10］Liao Kai, Cui Xiaoxin, Liao Nan, et al. High-performance noninvasive side-channel attack resistant ECC coprocessor for GF(2m)［J］. IEEE Transactions on Industrial Electronics, 2017,64(1):727-738.
［11］程凤伟. 基于国密算法SM2的IPSecVPN技术［J］. 太原学院学报(自然科学版), 2016,34(1):37-40.
［12］刘牧洲,仇剑书,张云勇,等. 基于标识密钥技术的证书集成管理平台［J］. 通信学报, 2016(S1):197-203.
［13］李冰,涂云晶,陈帅,等. 基于SRAM物理不可克隆函数的高效真随机种子发生器设计［J］. 电子与信息学报, 2017,39(6):1458-1463.
［14］Hiller M, nalan A G, Sigl G, et al. Online reliability testing for PUF key derivation［C］// Proceedings of the 6th International Workshop on Trustworthy Embedded Devices. 2016:15-22.
［15］Smith A F, Skrabalak S E. Metal nanomaterials for optical anti-counterfeit labels［J］. Journal of Materials Chemistry C, 2017,5(13):3207-3215.
［16］贾小艳,乌力吉,张向民,等. 应用于智能卡的真随机数发生器及其后处理算法的研究［J］. 密码学报, 2016,3(6):555-563.

[1]	ZENG Li-li, TANG Hua-bei, NIU Yi-xiao, MENG Fan-yue. Lithofacies Identification Method Based on LSTM Stacked Residual Network [J]. Computer and Modernization, 2023, 0(08): 38-43.
[2]	QIN Zhu-yuan, WU Hao-zhong, TAN Dai-qing, HAN Ai-qing, ZANG Hao, WANG Xuan, TANG Yan. Fine-grained Identification of Maidong Based on Multi-scale ResNet Combining Attention Mechanism [J]. Computer and Modernization, 2023, 0(07): 105-111.
[3]	LI Guo-xin, QU Han-bing, ZHU Cheng-bo, WANG Xin-xuan, HU Jia-bao. Domain Adapted Person Re-identification Algorithm Based on Joint Network [J]. Computer and Modernization, 2023, 0(06): 48-55.
[4]	PAN Feng, WANG Jie, ZHANG Yan-sha, TAN Mian, HE Xing, WANG Lin, . Person Re-identification Based on Dual-branch Feature Concatenation [J]. Computer and Modernization, 2023, 0(05): 93-99.
[5]	YIN Jian-feng, WEI Xin, GU Xiong-wei, HUANG Kai, WEI Min-jie. Digital Identification of Electric Meter Based on Image Threshold Optimization and Improved SVM [J]. Computer and Modernization, 2023, 0(05): 106-110.
[6]	TIAN Feng, DENG Xiao-ping, ZHANG Gui-qing, WANG Bao-yi. A Non-intrusive Load Monitoring Method Based on Improved kNN Algorithm and Transient Steady State Features [J]. Computer and Modernization, 2022, 0(10): 29-35.
[7]	LIU Hui, DING Xu-dong, YANG Dong-run, ZHANG Ying, LIU Zhong-chen, SUN Mei. A Hybrid Modeling Method for Real-time Prediction of Heat Collection in Solar Heat Collection Systems [J]. Computer and Modernization, 2022, 0(10): 55-61.
[8]	XU Ya-jun, GUO En-hao, CHEN Lin, SI Cheng-ke. A Data-driven Deep Modulation Identification Method for RF Signals [J]. Computer and Modernization, 2022, 0(06): 80-86.
[9]	QIN Ming-yue, NIAN Mei, ZHANG Jun, . Malicious TLS Traffic Identification Based on Deep Generation Adversarial Network [J]. Computer and Modernization, 2022, 0(04): 121-126.
[10]	WAN Dong-hou, ZHANG De-xian, DENG Miao-lei, . Vehicle Re-identification Method Based on Non-local Attention and Local Features [J]. Computer and Modernization, 2022, 0(03): 23-29.
[11]	HU Yan, ZHUO Shu-long, SI Cheng-ke. Identification of Data-driven ADS-B Interference Source Signal Type [J]. Computer and Modernization, 2022, 0(02): 19-25.
[12]	QIU Yu, HAN Jun-ying, FENG Cheng-zhi, CHEN Yong-wei. Apple Cultivar Identification Based on Convolutional Neural Network [J]. Computer and Modernization, 2021, 0(12): 65-71.
[13]	XUE Wei-lian, LI Xue-jiao, CHEN Jie. A Multi-period Anti-collision Tree Search Algorithm Based on ALOHA Partition [J]. Computer and Modernization, 2021, 0(11): 95-99.
[14]	SHAO Shi-yun, ZHOU Yu, YANG Lei, ZHONG Mao-sheng, DAI Rui, ZHAO Jia-le. An Efficient Entity Identification Method for Electric Bidding Documents Based on Conditional Random Field [J]. Computer and Modernization, 2020, 0(12): 72-77.
[15]	ZHOU Fang-yu, CHEN Shu-rong. A Feature-enhanced Tri-CNN Pedestrian Re-identification Method [J]. Computer and Modernization, 2020, 0(09): 60-65.