本文已被:浏览 2036次 下载 2000次
Received:April 15, 2017 Revised:May 11, 2017
Received:April 15, 2017 Revised:May 11, 2017
中文摘要: 在云计算环境下,网络安全协议的执行环境变得更为复杂,应用Web安全问题开放授权协议,可以提高信息共享的安全性. 本文采用CPN(Colored Petri Net)对OAuth协议进行建模,使用仿真工具CPNTools分析OAuth协议授权码模式的相关性质,并通过仿真实验表明授权码模式可以基于令牌进行验证与授权,防止针对授权码的CSRF注入攻击.
中文关键词: Web安全开放授权协议 Petri网 OAuth协议 协议分析
Abstract:In the cloud computing environment, the execution environment of network security protocols becomes more complex than ever before. The use of Web security issues open license agreement can improve the security of information sharing. CPN (Colored Petri Net) is employed to model OAuth protocol. The analysis of authorization code pattern in OAuth protocol adopts simulation tool named CPNTools. The experimental results show that the authorization code pattern can be verified and authorized based on token. Authorization token injection attack can be prevented in this way.
文章编号: 中图分类号: 文献标志码:
基金项目:河南省教育厅2016年度教师教育课程改革研究项目(2016-JSJYYB-080);河南省科技攻关项目(172102310702);河南省教育厅科技研究重点项目(17A520049,17A630046);南阳师范学院校级项目(QN2017064)
引用文本:
张婷,张鑫,张新刚.基于CPN的OAuth协议建模与分析.计算机系统应用,2018,27(2):212-215
ZHANG Ting,ZHANG Xin,ZHANG Xin-Gang.Modeling and Analysis of OAuth Protocol Based on CPN.COMPUTER SYSTEMS APPLICATIONS,2018,27(2):212-215
张婷,张鑫,张新刚.基于CPN的OAuth协议建模与分析.计算机系统应用,2018,27(2):212-215
ZHANG Ting,ZHANG Xin,ZHANG Xin-Gang.Modeling and Analysis of OAuth Protocol Based on CPN.COMPUTER SYSTEMS APPLICATIONS,2018,27(2):212-215
