无完全可信PKG身份签名的分层CES方案

J4 ›› 2012, Vol. 47 ›› Issue (9): 7-14.

无完全可信PKG身份签名的分层CES方案

景旭^1,2,3, 何东健^1*

1.西北农林科技大学机械与电子工程学院, 陕西杨凌 712100;
2. 西北农林科技大学信息工程学院, 陕西杨凌 712100;
3. 杭州师范大学杭州市电子商务与信息安全重点实验室,浙江杭州 310036

收稿日期:2012-07-03 出版日期:2012-09-20 发布日期:2012-09-24
通讯作者: 何东健(1957- ),男,教授, 博士生导师,研究方向为智能化检测与控制技术.Email:hdj168@nwsuaf.edu.cn
作者简介:景旭(1971- ),男,副教授,博士研究生,研究方向为信息系统安全. Email:jingxu@nwsuaf.edu.cn
基金资助:
“十二五”国家科技支撑计划项目(2011BAD21B05);中央高校基本科研业务费项目(QN2011036); 杭州市电子商务与信息安全重点实验室资助项目(HZEB201004)

Scheme of hierarchical content extraction signature based on non-credible PKG identity-based signature

JING Xu^1,2,3, HE Dong-jian^1*

1.College of Mechanical and Electronic Engineering, Northwest A ＆ F University, Yangling 712100, Shaanxi, China;
2. College of Information Engineering, Northwest A ＆ F University, Yangling 712100, Shaanxi, China;
3. Hangzhou Key Lab of EBusiness and Information Security, Hangzhou Normal University,
Hangzhou 310036, Zhejiang, China

Received:2012-07-03 Online:2012-09-20 Published:2012-09-24

摘要/Abstract

摘要：

针对管理型SaaS应用整体签批分层处理业务中隐私保护的需求,提出了一种无完全可信私钥生成中心 (private key generator, PKG)身份签名的分层内容摘录签名(content extraction signature,CES)方案。采用分层摘录策略控制分片和签名摘录,基于身份签名克服了公钥基础设施证书管理复杂的问题,由租户和服务提供商的PKG独立生成用户私钥分量,在一定程度上克服了无完全可信PKG问题。分析表明,该方案具有用户私钥的私密性、CES的隐私性和不可伪造性,可推广应用于在线办公、在线图书销售等方面。

关键词: SaaS应用;内容摘录签名;分层摘录;身份签名;隐私保护

Abstract:

To meet the requirement of privacy protection in doing hierarchical business after signing the whole one in management-type software as a service application, a scheme of hierarchical content extraction signature was proposed based on the identity-based signature of non-credible private key generator. The extraction of both fragment and signature was in control by the hierarchical extraction policy. The complexity of certificate in public key infrastructure was avoided based on the identity-based signature. In some extent, the noncredible private key generator problem was weakened whose part independently generated by service provider and tenant. The analyzing results show that the scheme has the specialties of user’s private key’s privacy, un-forge and privacy of CES. It can be applied to online office and book sale.

Key words: software as a service application; content extraction signature; hierarchical extraction; identity-based signature; privacy protection

景旭1,2,3, 何东健1*. 无完全可信PKG身份签名的分层CES方案[J]. J4, 2012, 47(9): 7-14.

参考文献

多维度评价

Viewed

Full text

Abstract

Cited

Shared

Discussed