(高可信软件技术教育部重点实验室(北京大学) 北京 中国 100871;网络和软件安全保障教育部重点实验室(北京大学) 北京 中国 100871;北京大学信息科学技术学院 北京 中国 100871;高可信软件技术教育部重点实验室(北京大学) 北京 中国 100871;网络和软件安全保障教育部重点实验室(北京大学) 北京 中国 100871;北京大学软件工程国家工程研究中心 北京 中国 100871)
关键词:  未来互联网体系结构  内生安全  自认证  组合公钥体制
Research on Intrinsic Security in Future Internet Architecture
CHEN Zhong,MENG Hongwei,GUAN Zhi
Key Laboratory of High Confidence Software Technologies(Peking University) Ministry of Education, Beijing 100871, China;Key Laboratory of Network and Software Security Assurance(Peking University) Ministry of Education, Beijing 100871, China;School of Electronics Engineering and Computer Science, Peking University, Beijing 100871, China;Key Laboratory of High Confidence Software Technologies(Peking University) Ministry of Education, Beijing 100871, China;Key Laboratory of Network and Software Security Assurance(Peking University) Ministry of Education, Beijing 100871, China;National Engineering Research Center of Software Engineering, Peking University, Beijing 100871, China
The characteristics of intrinsic security in the future Internet architecture have been used to conquer the security problems of current Internet. Self-certifying addresses are introduced in future Internet architecture (FIA) to enable the intrinsic security properties. However, without PKI, these approaches in FIA miss the intrinsic binding between user-level descriptor, network-level identifier and correspondent public key. To this end, a naming scheme of Self-Certifying Identifier in FIA based on Combined Public Key (CPK), named as SCI-CPK, is proposed in this paper. The use cases of identity authentication based on SCI-CPK in FIA designs are also given, including XIA, MobilityFirst and NDN. The analysis shows that the proposed method is benefit of ubiquitous access and vast mobility scenario in the future Internet.
Key words:  future Internet architecture  intrinsic security  self-certifying  combined public key