节点文献
基于身份密码学的电子商务安全体系研究
Research on Identity-Based Cryptography Electronic Business Security Architecture
【作者】 曾建新;
【导师】 刘先锋;
【作者基本信息】 湖南师范大学 , 计算机应用技术, 2008, 硕士
【摘要】 传统的电子商务安全中主要应用PKI/CA体系来通过实体认证、数字签名、加密等技术手段来保证电子商务的机密性、完整性、可用性、认证性和不可否认性。但由于PKI/CA体系数字证书管理复杂,不适于实时在线交易等问题,因此有必要对现有PKI/CA体系进行改进。在基于身份密码学(IBC)的公开密钥密码系统(IB-PKCS)中不再使用数字证书,用户公钥是它的身份信息(或由身份信息转化而得出),极大简化了传统的PKI/CA体系负担最重的密钥管理工作。本文将传统公钥密码系统替换为基于身份密码学的公钥密码系统,对WS-Security规范进行扩展,提出了基于身份密码学的Web服务安全(IB-WSS)体系。文中利用双线性映射技术实现了基于身份的公开密钥系统(IB-PKCS)中的基础设施:基于身份的加密(IBE);基于身份的数字签名(IBS);基于身份的密钥协商(IBAKA),并结合已有的XML数字签名、XML加密、Web Services Security规范实现了基于身份的公开密钥基础设施(IB-PKI),构建一个完整的基于身份密码学的电子商务安全体系。最后在一个证券交易系统中实现了安全体系原型。
【Abstract】 The traditional system of Electronic Business security guarantees the Electronic Business’s confidentiality, integrity,usability,the authentication and undeniable mainly through entity authentication,digital signature,encryption by using the PKI/CA system.However,because of the complexity of the digital certificates management in PKI/CA system,it is unsuitable for real-time online exchanges and so on,therefore, it is necessary to improve the existing PKI/CA system.In Identity-Based Cryptography(IBC)of Public Key Cryptography System(IB-PKCS)no longer needed in the digital certificate,the user’ public key is its identity(or identity information into the draw),greatly simplifies the traditional The PKI/CA system with the heaviest burden of key management.This article will replace the traditional public key cryptography system for identity-based cryptography of public key cryptography system,the WS-Security specifications expansion by the identity-based Web services security(IB-WSS) Architecture.To use bilinear pairings technology,this paper achieves the Identity-Based Public Key Cryptography System(IB-PKCS)in infrastructure:identity-based encryption(IBE);identitybased digital signature(IBS);identity-based key agreement (IBAKA);Combined with existed XML digital signature,XML encryption,Web Services Security standard Identity-Based Cryptography of the public key infrastructure(IB-PKI),build a complete identity-based cryptography Electronic Business security system.Finally,the security system prototype in a securities trading system.
【Key words】 Electronic Business; Identity-Based Cryptography; XML Signature; XML Encryption; Web Services Security;
- 【网络出版投稿人】 湖南师范大学 【网络出版年期】2008年 11期
- 【分类号】F713.36;TN918
- 【被引频次】1
- 【下载频次】368