
Private Key Management Schemes for Mobile Agents

Advisor: 林永松

Abstract


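Because computer technology and networks have developed rapidly, many resources today are shared mainly over networks. Sharing gives rise to access control problems, and access control mechanisms have already been widely applied, for example in online television systems, wireless networks, and electronic official documents. It is therefore very important to establish an access control mechanism that can access data precisely and protect its security. Common access control problems include unauthorized access requests, intrusion into and destruction of data, mismatched privileges, and privacy exposure, all of which show the necessity and importance of access control mechanisms and make them a topic worth discussing. Moreover, the methods previously proposed by the scholars Volker and Mehrdad for mobile agent access control and key management suffer from problems of agent space consumption and security. This thesis therefore proposes three access control mechanisms for mobile agent technology, constructed from three different mathematical methods, namely the Chinese remainder theorem, Lagrange interpolation, and elliptic curve cryptosystems, to ensure the security of keys while also grading privileges, meeting the needs of security management in applications. Scheme one uses the Chinese remainder theorem to construct an access control method; it is easy to understand and implement and can be applied to online television systems, where the established mechanism controls the video. Scheme two uses Lagrange interpolation combined with ElGamal for protection; its security is higher than that of scheme one, and it can be applied to environments with higher security requirements, such as financial or insurance systems. Scheme three uses an elliptic curve cryptosystem signature mechanism and time certificates, giving it time constraints and verification; it can be applied to medical system environments, for example doctors' working hours and verification. The new mechanisms proposed in this thesis improve on the shortcomings of security mechanisms proposed by other scholars to raise the performance of key management. An experimental part is also included to compare and analyze the performance of the proposed methods and past methods in the key generation and derivation phases, and the three proposed methods are compared and analyzed for their strengths and weaknesses in security and performance. Through the applied techniques and theory above, the best balance point is obtained, and the analysis in this thesis confirms that the proposed new mechanisms can protect mobile agents more efficiently and securely.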

Parallel Abstract


With the rapid development of computer techniques and the internet, many resources are now shared over the internet. Access control problems arise naturally as resources are shared this way. Access control mechanisms have been widely applied in various areas, such as on-line video systems, wireless networks, and electronic documents. It is hence important to construct an access control mechanism through which data can be accessed efficiently and securely. Common access control problems include requests for unauthorized access, data invasion or destruction, privilege inconsistency, and privacy leakage. These imply that the access control problem is worthy of further study. The access control and key management mechanism for mobile agents proposed by Volker and Mehrdad is not secure, and the agents themselves take up a lot of storage space. We hence propose three access control mechanisms for mobile agents, constructed on three different mathematical foundations: the Chinese remainder theorem, Lagrange interpolation, and elliptic curve cryptography. The Chinese remainder theorem is used in scheme one to construct an access control scheme that is easy to understand and can be implemented in various applications, such as on-line video systems. Lagrange interpolation and the ElGamal algorithm are used in scheme two to enhance security. The security of scheme two is higher than that of scheme one, so it can be applied to environments that require higher security, such as banking systems or insurance systems. Elliptic curve cryptography and a date constraint are used in scheme three. Therefore, scheme three can be applied to environments that require even more security. For instance, it can be implemented in a medical institution to evaluate and supervise doctors' work schedules.
The new schemes constructed in this study remedy the defects of the security mechanisms proposed in a number of previous related studies in order to enhance the performance of key management. We conduct numerical experiments to compare the efficiency of our proposed schemes with that of several related published schemes in both the key generation phase and the key derivation phase. Our new schemes are proved to be more efficient and more secure in protecting mobile agents. We also conduct numerical experiments to compare the three schemes constructed in this study. It is shown, as expected, that a more efficient scheme provides relatively less security and a more secure scheme is relatively less efficient for private keys of the same size.
