一种保护敏感属性证书的披露方法

姜正涛; 怀进鹏; 王育民

一种保护敏感属性证书的披露方法

1.
北京航空航天大学计算机学院, 北京 100083
2. 西安电子科技大学综合业务网国家重点实验室, 西安 710071

基金项目: 中国博士后科学基金资助项目(20060400035);国家自然科学重大研究计划基金资助项目(90412011);国家973重点研究发展规划基金资助项目(2002CB321803)

详细信息

作者简介:
姜正涛(1976－),男,山东青岛人,博士后,jiangzt@act.buaa.edu.cn.

中图分类号: TP 309.2
计量
- 文章访问数: 2734
- HTML全文浏览量: 131
- PDF下载量: 956
- 被引次数: 0
出版历程
- 收稿日期: 2006-12-26
- 网络出版日期: 2007-12-31

Disclosing method for protecting sensitive certificate

1.
School of Computer Science and Technology, Beijing University of Aeronautics and Astronautics, Beijing 100083, China
2. National Key Lab. of Integrated Service Networks, Xidian University, Xi-an 710071, China

摘要

摘要: 进一步研究了敏感属性证书披露问题,尝试运用密码学机制给出一个属性证书披露方案,增强安全保证,在一定条件下保护资源请求者和提供者双方的权利,该方案实现了以下特点: 资源请求者最终向资源提供方提交所拥有属性证书中的一部分;提供方可以获得这一部分证书但不能获得其余的属性证书;请求者无法得到资源提供方获得(感兴趣)哪些属性证书的任何信息;可根据双方协议,为不同的属性设置特定的限值,对于每一属性只有提供方参与成员(或权限)达到或超过这一值才可以获得或验证这些属性证书,同时保护双方的部分权利和隐私.
- 敏感属性 /
- 资源访问 /
- 证书披露 /
- 隐私保护
Abstract: Further investigations on the problem of disclosing sensitive attribute certificate were provided. To enhance its security assurance, cryptographic mechanisms were utilized and a certificate disclosure scheme based on which was proposed, which realized the following characteristics: At last resource demander submits part of all of her attribute certificates to the resource provider; Resource provider can receive that part of attribute certificates and he cannot get any information of the rest; Resource demander cannot get any information on which attribute certificates does the provider really get or interest; With this scheme and according to their realized agreements, they can arrange a set of different bounds for the different attribute. For any attribute, the condition that the attribute certificate can be obtained or validated only when the number of the provider participant (or limit) exceed or equal to the corresponding bound, which can protect part of right and privacy of both sides.
- sensitive attribute certificate /
- resource accessing /
- certificate disclosure /
- privacy protection

HTML全文

参考文献(1)

[1] Metcalfe B. The next-generation Internet[J]. IEEE Internet Computing, 2000, 4(1): 58-59 [2] Baroody R, Rashid A, Al-Holou N, et al. Next generation vehicle network (NGVN): Internet access utilizing dynamic discovery protocols Proceedings—The IEEE/ACS International Conference on Pervasive Services, ICPS 2004. Beirut: IEEE, 2004:81-88 [3] Oppliger R. Internet security enters the middle ages[J]. Computer, 1995, 28(10): 100-101 [4] Zhu Y, Han J, Liu Y, et al. TruGrid: A self-sustaining trustworthy grid Proceedings of the 25th IEEE International Conference on Distributed Computing Systems Workshops. Beirut: IEEE, 2005: 815-821 [5] Teacy W T L, Patel J, Jennings N R, et al. TRAVOS: Trust and reputation in the context of inaccurate information sources[J]. Autonomous Agents and Multi-Agent Systems, 2006, 12(2): 183-198 [6] Winslett M, Yu T, Seamons K E, et al. Negotiating trust on the web[J]. IEEE Internet Computing, 2002, 6(6):30-37 [7] Yu T, Winslett M, Seamons K E. Supporting structured credentials and sensitive policies through interoperable strategies for automated trust negotiation[J]. ACM Transactions on Information and System Security, 2003, 1(6):1-42 [8] Blaze M, Feigenbaum J, Lacy J. Decentralized trust management Dale J, Dinoh G.Internet Computing. Washington: IEEE Computer Society Press, 1996:164-173 [9] Damiani E, Vimercati S, paraboschi S, et al. A reputation-based approach for choosing reliable resources in peer-to-peer networks Atluri V. Computer and Communications Security. Washington: ACM Press, 2002: 207-216 [10] Dellarocas C. Sanctioning reputation mechanisms in online trading environment with pure moral hazard[J]. Information Systems Research, 2005, 16(2), 209-230 [11] Huai J P, Zhang Y, Li X X, et al. Distributed access control in CROWN groups Feng W C. Parallel Processing. Washington: IEEE Computer Society, 2005: 435-442 [12] Li N, Du W, Boneh D. Oblivious signature based envelope Manku G S. ACM Symposium on Principles of Distributed Computing. New York: ACM Press, 2003:182-189

施引文献

资源附件(0)

访问统计