摘要
雲端技術近年來快速成長,使用者可以在任何時間,任何地點使用供應商提供的資源。以目前OpenID聯盟提出簡單授權註冊資料方便使用者將個人資料透過授權的方式轉移到不同的供應商。但供應商在將資料轉移的流程當中並沒有將使用者的個人隱私資訊加以保護,使得攻擊者可以輕易地攔截並加以竄改;或者利用得到的資料進行詐騙等行為。本文採用盲簽章方式讓雲端協助使用者驗證即將註冊的供應商,並且保護使用者的身分以及改善已知的漏洞。 其次雲端服務的SaaS(Software as a Service)優勢在於透過標準格式就可以使用雲端所提供的服務。而電子書是目前各大雲端供應商對於行動裝置所主打的服務商品,數位商品的內容可以透過數位產權管理的機制保護,行動裝置在使用數位內容時是需要讓數位產權管理知道該使用者是否有權限使用的。本論文所提出的協定是使用者以行動裝置的角度思考使用雲端服務並透過數位產權管理的技術保護數位內容,使得認證過的合法使用者可以方便的使用行動裝置觀看數位內容。
並列摘要
Cloud technology has undergone significant and rapid growth in recent years, providing users with ever more Cloud resources, available from anywhere, any time. OpenID Union proposed a simple authorization method, allowing the authorized transfer of users’ personal data from one Cloud to another, using personal registration information. However, since providers do not protect users’ private information, attackers can easily intercept and tamper with confidential messages. In this paper, we use the characteristics of the blind signature to support user verification of the registering provider, to protect the user’s identity, and to address known vulnerabilities in the system. Moreover, the main advantage of the SaaS (Software as a Service) of the cloud service is to support different softwares and devices to open web browser to authenticate the users through the standard format. The E-book is protected by digital rights management (DRM) and users can use mobile device to read it. The proposed scheme also focuses on using the mobile device to access the cloud service. The DRM mechanisms can protect digital content. Once the mobile users pass the authentication, the users can access the cloud services, authenticated users can easily use mobile devices to read digital content.
參考文獻
[20] F.Y. Yang, C.M. Liao, A Provably Secure and Efficient Strong Designated Verifier Signature Scheme, International Journal of Network Security, Vol. 10, No. 3, pp.223-227, 2010.
[1] D. Svantesson, R. Clarke, Privacy and consumer risks in cloud computing, computer law & security review, Vol.26, No.4, pp.391-397, 2010.
[2] W. Itani, A. Kayssi, A. Chehab, Privacy as a Service: privacy-aware data storage and processing in cloud computing architectures, in: IEEE International Conference on Dependable, Autonomic and Secure Computing, DASC’09, pp.711-716, 2009.
[3] M. Descher, P. Masser, T. Feilhauer, A.M. Tjoa, D. Huemer, Retaining data control to the client in infrastructure clouds, in: International Conference on Availability, Reliability and Security, ARES’09, pp.9-16, 2009.
[7] R. Buyya, C.S. Yeo, S. Venugopal, J. Broberg, I. Brandic, Cloud computing and emerging IT platforms: Vision, hype, and reality for delivering computing as the 5th utility, Future Generation Computer Systems, Vol.25, No.6, pp.599-616 , 2009.
延伸閱讀
- 劉家驊、洪士凱(2010)。雲端運算資料安全防護機制之研究。載於清雲科技大學電子工程系(主編),電腦視覺、影像處理與資訊技術研討會(頁100-109)。清雲科技大學電子工程系。https://doi.org/10.29943/DNSJ.201006.0100
- 林宜隆、伍台國、周瑞國(2011)。雲端服務風險安全性評估之探討。載於中華民國資訊安全學會(主編),全國資訊安全會議(頁421-430)。中華民國資訊安全學會。https://doi.org/10.29615/CISC.201105.0421
- 邱業桐(2013)。雲端運算資料共享之安全防護研究〔碩士論文,健行科技大學〕。華藝線上圖書館。https://doi.org/10.6824/UCH.2013.00042
- 葉慈章、詹雅鈞、蔡峻福(2016)。Enhanced Mobile Cloud Identity Management Framework。明新學報,42(2),57-66。https://www.airitilibrary.com/Article/Detail?DocID=1728760X-201608-201709250011-201709250011-57-66
- Wu, M. Y., & Lo, S. P. (2013). Authentication Mechanism for Private Cloud of Enterprise. Journal of Information Technology and Applications(資訊科技與應用期刊), 7(2), 52-56. https://doi.org/10.6302/JITA.201306_7(2).0004