[1]裴树军,张圆绪,娄淑慧.公钥加密体系下的HDFS身份认证过程改进与实现[J].哈尔滨理工大学学报,2016,(04):13-18.[doi:10.15938/j.jhust.2016.04.003]
 PEI Shu-jun,ZHANG Yuan-xu,LOU Shu-hui.Research on HDFS Authentication Process Based on Public Key Encryption[J].哈尔滨理工大学学报,2016,(04):13-18.[doi:10.15938/j.jhust.2016.04.003]
点击复制

公钥加密体系下的HDFS身份认证过程改进与实现()
分享到:

《哈尔滨理工大学学报》[ISSN:1007-2683/CN:23-1404/N]

卷:
期数:
2016年04期
页码:
13-18
栏目:
计算机与控制工程
出版日期:
2016-08-25

文章信息/Info

Title:
Research on HDFS Authentication Process Based on Public Key Encryption
文章编号:
1007-2683(2016)04-0013-06
作者:
裴树军张圆绪娄淑慧
哈尔滨理工大学计算机科学与技术学院,黑龙江哈尔滨150080
Author(s):
PEI Shu-jun ZHANG Yuan-xu LOU Shu-hui
(School of Computer Science and Technology, Harbin University of Science and Technology, Harbin 150080, China)
关键词:
云计算 HADOOP Distributed FileSystem 身份认证 Kerberos 公钥加密
Keywords:
cloud computing HDFS identity authentication kerberos public key
分类号:
TP399
DOI:
10.15938/j.jhust.2016.04.003
文献标志码:
A
摘要:
针对HDFS集群环境中Kerberos协议身份认证机制所面临的时间同步问题、KDC安全问题、字典攻击问题以及抵赖机制问题,提出了一种基于公钥加密体系改进HDFS环境下Kerberos协议的身份认证机制.首先,分析现存HDFS体系下的身份认证过程,并提出认证过程所面临的安全问题;其次,结合公钥加密机制与数据签名机制对HDFS下的Kerberos协议进行了针对性的修正,并给出了改进后Kerberos协议在HDFS环境下详细的身份认证工作流程;最后,根据公钥加密特点以及HDFS集群特性,充分分析论证了改进Kerberos在HDFS环境下的可行性.实验表明,在公钥级安全保证下,改进后的Kerberos协议与现有的身份认证机制相比在认证请求达到120次以上后时间性能优势明显,为HDFS集群提供了更可靠、更高效的身份认证解决方案.
Abstract:
Aiming at the problems that Kerberos authentication faced such as time synchronization, KDC secur- ity, dictionary attacks and repudiation mechanism in HDFS cluster, the paper proposed an improved Kerberos pro- tocol based on public key encryption system. Firstly, it analyzed the identity authentication process of HDFS system and put forward the security problems of the certification process. Secondly, it modified Kerberos protocol in HDFS combined with public key encryption and data signature and gave the detailed authentication process of the im- proved Kerberos Protocol in HDFS environment. Finally, it gave a full analysis and demonstration of the feasibility of the improved Kerberos according to the characteristics of HDFS cluster and public key encryption. The experi- ments show that time performance advantage of the improved protocol is obvious compared with the existing protocol when authentication request reaching more than 120 times. Under security guarantees of public key, it provides a more reliable and more efficient authentication solution to HDFS cluster.

相似文献/References:

[1]常成.PDMiner平台的主动配电网安全监测系统[J].哈尔滨理工大学学报,2017,(02):61.[doi:10.15938/j.jhust.2017.02.012]
 CHANG ChenR-.Active Power Distribution Network Security MonitoringSystem Based on PDMiner Platform[J].哈尔滨理工大学学报,2017,(04):61.[doi:10.15938/j.jhust.2017.02.012]

备注/Memo

备注/Memo:
收稿日期:2015-07-02
基金项目:哈尔滨市科技局哈尔滨市应用技术研究与开发项目(2014FFCJ036)
作者简介:裴树军(1969-),男,教授,E-mail:peisj@hrbust.edu.ca;?
张圆绪(1987-),男,硕士研究生;?
娄淑慧(1989-),女,硕士研究生.
更新日期/Last Update: 2016-11-01