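| Guidelines on hybrid authentication and key management mechanisms in the client-server model |
Clients and servers are usually asymmetric with respect to security credential management. Because in most cases there are many clients and few servers, server credentials can be distributed and managed at relatively low cost, whereas this is clearly not the case for client credentials. As most mobile services begin to carry more and more sensitive security and privacy data, industry needs secure yet cost-effective methods that meet this asymmetric security requirement and provide a secure channel for the client-server model. For client credential management, passwords can be effective. Guidelines such as [ITU-T X.1151] can be used for password-authenticated key exchange protocols. However, when client credentials are compromised, an adversary can impersonate not only the client but also the service provider. This server impersonation attack can be mitigated by using public-key technology, whose credential management cost is low, for server authentication. Recommendation ITU-T X.1450 provides guidelines for hybrid authentication and key exchange mechanisms in the client-server model. The underlying mechanisms recommend using both a shared secret and public-key technology for authentication and key exchange. This Recommendation covers service scenarios, security threats and methods for mitigating such attacks. |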
| Citation: | https://handle.itu.int/11.1002/1000/13729 |
| Series title: | X series: Data networks, open system communications and security; X.1300-X.1499: Secure applications and services (II); X.1450-X.1459: Application Security (2) |
| Approval date: | 2018-10-14 |
| Provisional name: | X.hakm |
| Approval process: | AAP |
| Status: | In force |
| Maintenance responsibility: | ITU-T Study Group 17 |
| Further details: | Patent statement(s); Development history |

| Ed. | ITU-T Recommendation | Status | Summary | Table of Contents | Download |
| 1 | X.1450 (10/2018) | In force | here | here | here |

| Title | Approved on | Download |
| Guidelines for identity-based cryptosystems used for cross-domain secure communications | 2023 | here |
| Overview of hybrid approaches for key exchange with quantum key distribution | 2022 | here |
| Guidelines for security management of using artificial intelligence technology | 2022 | here |
| Successful use of security standards (2nd edition) | 2020 | here |
| Description of the incubation mechanism and ways to improve it | 2020 | here |
| Strategic approaches to the transformation of security studies | 2020 | here |