Please wait a minute...
J4  2010, Vol. 44 Issue (5): 897-902    DOI: 10.3785/j.issn.1008-973X.2010.05.011
自动化技术、计算机技术     
信任管理中的匿名授权方法
彭志宇, 李善平, 杨朝晖, 林欣
浙江大学 计算机科学与技术学院, 浙江 杭州 310027
Anonymous authorization in trust management
PENG Zhi-yu, LI Shan-ping, YANG Zhao-hui, LIN Xin
College of Computer Science and Technology,Zhejiang University,Hangzhou 310027, China
 全文: PDF  HTML
摘要:

为了解决信任管理授权过程中的用户隐私泄露问题,提出匿名授权方法.针对经典的基于角色的信任管理语言中实名申请服务的缺陷,用动态查找出的代理角色集来代理用户申请服务,既保证了授权管理中证书链查找的正常进行,又实现了用户真实身份以可量化的方式对资源提供者匿名,证明了该方法的最坏时间复杂度与传统的正向证书链搜索保持一致.为了提高实际应用中的时间性能,提出在各个结点上缓存其成员的优化机制.实验表明,通过缓存优化,该匿名授权方法的时间性能在证书变化频率较低的稳定系统中得到了大幅提高.

Abstract:

An anonymous authorization mechanism was proposed to protect the user’s privacy in the process of authorization in trust management.User requested for services using their real identification in most of the classic trustmanagement language system, which potentially leaded to the privacy leaking. Through dynamically searching for the delegation roles which take over the request,the anonymous authorization mechanism retained the right behavior of credential chain discovery and achieved a quantitative way of anonymity against the resource provider.Results showed that the anonymous mechanism shared the same worstcase time complexity with the traditional forward credentialchainsearching method.A method of caching all the members in the nodes was proposed to improve the performance in time spending.Simulation results showed that the performance in time spending greatly improved in the relative stable systems,in which the credentials change slowly.

出版日期: 2012-03-19
:  TP 309  
基金资助:

国家自然科学基金资助项目(60473052,60773180);浙江省自然科学基金资助项目(Y106427)

通讯作者: 李善平,男,教授,博导.     E-mail: shan@zju.edu.cn
作者简介: 彭志宇(1982—),湖南衡阳人,博士生,从事分布式系统安全和隐私保护的研究.E-mail:pzy202@163.com
服务  
把本文推荐给朋友
加入引用管理器
E-mail Alert
RSS
作者相关文章  

引用本文:

彭志宇, 李善平, 杨朝晖, 林欣. 信任管理中的匿名授权方法[J]. J4, 2010, 44(5): 897-902.

BANG Zhi-Yu, LI Shan-Beng, YANG Chao-Hui, LIN Xin. Anonymous authorization in trust management. J4, 2010, 44(5): 897-902.

链接本文:

http://www.zjujournals.com/eng/CN/10.3785/j.issn.1008-973X.2010.05.011        http://www.zjujournals.com/eng/CN/Y2010/V44/I5/897

[1]  BLAZE M,FEIGENBAUM J,LACY J. Decentralized trust management [C] ∥ Proceedings of the IEEE 17th Symposium on Security and Privacy.Oakland,CA: IEEE,1996: 164173.
[2] CLARKE D,ELIEN J,ELLISON C,et al.Certificate chain discovery in SPKI/SDSI [J].Journal of Computer Security,2001,9(4): 285322.
[3] LI Ninghui,WINSBOROUGH W,MITCHELL J.Distributed credential chain discovery in trust management [J].Journal of Computer Security,2003,11(1): 3586.
[4] CHAPIN P,SKALKA C,WANG X.Authorization in trust management: features and foundations [J].ACM Computing Surveys,2008,40(3): 148.
[5] SWEENEY L.Kanonymity: a model for protecting privacy [J].International Journal on Uncertainty, Fuzziness and Knowledgebased Systems,2002,10(5): 557570.
[6] BERESFORD A,STAJANO F.Location privacy in pervasive computing [J].IEEE Pervasive Computing,2003, 2(1): 4655.
[7] XU T,CAI Y.Exploring historical location data for anonymity preservation in locationbased services [C] ∥ Proceedings of IEEE International Conference on Computer Communication (INFOCOM). Arizona,USA: IEEE,2008: 547555.
[8] GEDIK B,LIU L.Protecting location privacy with personalized kanonymity:architecture and algorithms [J].IEEE Transactions on Mobile Computing,2008,7(1): 118.
[9] 高迎,程涛远,王珊.基于Hilbert曲线的许可证存储策略及查找算法[J].软件学报,2006,17(2): 305314.
GAO Ying,CHENG Taoyuan,WANG Shan.Certificates storage strategy and search algorithm based on Hilbert curve [J].Journal of Software,2006,17(2): 305314.
[10] WINSBOROUGH W,SEAMONS K,JONES V.Automated trust negotiation [C] ∥ Proceedings of the DARPA Information Survivability Conference and Exposition. South Carolina,USA: IEEE,2000: 88102.

[1] 王友卫, 刘元宁, 朱晓冬. 用于图像内容认证的半脆弱水印新算法[J]. J4, 2013, 47(6): 969-976.
[2] 李卓,陈健,蒋晓宁,曾宪庭,潘雪增. 基于多域特征的JPEG图像盲检测算法[J]. J4, 2011, 45(9): 1528-1538.
[3] 姜励, 陈健, 平玲娣, 陈小平. 多线程程序的信息抹除和降密安全策略[J]. J4, 2010, 44(5): 854-862.
[4] 黄勇, 陈小平, 陈文智, 等. 支持动态调节的保密性和完整性统一模型[J]. J4, 2009, 43(8): 1377-1382.