一种实用的面向Web的公平防抵赖协议

doi:10.3969/j.issn.1001-2400.2011.05.014

J4 ›› 2011, Vol. 38 ›› Issue (5): 85-89.doi: 10.3969/j.issn.1001-2400.2011.05.014

一种实用的面向Web的公平防抵赖协议

苏锐丹;丁振国;周利华

(西安电子科技大学计算机网络与信息安全教育部重点实验室，陕西西安 710071)

收稿日期:2010-08-13 出版日期:2011-10-20 发布日期:2012-01-14
通讯作者: 苏锐丹
作者简介:苏锐丹(1978-)，男，讲师，西安电子科技大学博士研究生，E-mail: rdsu@xidian.edu.cn
基金资助:
国家863软件重大应用示范项目资助(2004AA1Z2502);国家自然科学基金资助项目(60903200)

Practical Web-oriented fair non-repudiation protocol

SU Ruidan;DING Zhenguo;ZHOU Lihua

(Key Lab. of Computer Networks and Information Security of Ministry of Education, Xidian Univ., Xi'an 710071， China)

Received:2010-08-13 Online:2011-10-20 Published:2012-01-14
Contact: SU Ruidan

摘要/Abstract

摘要：

针对大多数电子政务和商务系统是基于Web架构开发，用户端表现为浏览器瘦客户端环境，所实现的防抵赖机制大都不满足公平性，现有的公平防抵赖协议由于交互的复杂性难以应用于实际环境的问题，提出一种新的在线可信第三方公平防抵赖协议．引入可信第三方减少通信双方之间的交互次数，将公平防抵赖功能嵌入到一次HTTP请求与应答交互中，并采用证据链接思想将证据签名验证与撤销检查集中由可信第三方完成，简化证据验证与管理，降低了用户端进行撤销检查与签名时间戳生成的操作开销．该协议具备公平性与及时性特点．

关键词: 公平防抵赖, Web, 证据链接, 及时性

Abstract:

Since more and more transaction systems are built using Web technology, users generally work on thin nodes with the browser where users only can access the internet actively and can not be accessed passively. The non-repudiation service implemented currently mostly does not consider the requirement of fairness and the fair non-repudiation protocols to date can not be suitably applied in real environment due to its complexity of interaction. This paper proposes a practical and fair online-TTP non-repudiation protocol which simplifies protocol interaction with the aid of TTP and can be embedded in one round exchange for HTTP request and response. Evidence chaining is introduced to make TTP process centrally simplify evidence verification and management and decrease the cost of certificate revocation checking and time-stamp generation for signatures on the client-side. The protocol owns properties of strong fairness and timeliness.

Key words: fair non-repudiation, Web, evidence chaining, timeliness

中图分类号:

TP393.01

苏锐丹;丁振国;周利华. 一种实用的面向Web的公平防抵赖协议[J]. J4, 2011, 38(5): 85-89.

SU Ruidan;DING Zhenguo;ZHOU Lihua. Practical Web-oriented fair non-repudiation protocol[J]. J4, 2011, 38(5): 85-89.

参考文献

［1］ Zhou J. Non-Repudiation in Electronic Commerce ［M］. London: Artech House, 2001.
［2］ ISO/IEC. 1991. 1st WD 13888-2. Non-repudiation Using a Symmetric Key Algorithm ［S］. Geneva: ISO/IEC, 1991.
［3］ ISO/IEC. 1996. DIS 10181-4. Information Technology—Open Systems Interconnection—Security Frameworks in Open Systems—Part 4: Non-repudiation ［S］. Geneva: ISO/IEC,1996.
［4］ ISO/IEC. 1997. 2nd CD 13888-3. Information Technology—Security Techniques—Non-repudiation—Part3: Using Asymmetric Techniques ［S］. Geneva: ISO/IEC, 1997.
［5］ ISO/IEC. 1998. 3rd CD 13888-2. Information Technology—Security Techniques—Non-repudiation—Part2: Using Symmetric Encipherment Algorithms ［S］. Geneva: ISO/IEC,1998.
［6］ ISO/IEC. 2004. 13888-1. Information Technology—Security Techniques—Non-repudiation—Part 1: General Model ［S］. Geneva: ISO/IEC, 2004.
［7］ Zhou J, Gollmann D. A Fair Non-repudiation Protocol ［C］//Proc of 1996 IEEE Symposium on Security and Privacy. Washington: IEEE Computer Security Press, 1996: 55-61.
［8］ Kremer S, Markowitch O. Optimistic Non-repudiable Information Exchange ［C］//Proc of 21st Symp on Information Theory in the Benelux, Werkgemeenschap Informatie-en Communicatietheorie. Enschede : Lecture Notesin Computer Science, 2000: 139-146.
［9］ Robinson P, Cook N, Shrivastava S. Implementing Fair Non-repudiable Interactions with Web Services. Technical Report CSTR ［R］. Newcastle: School of Computing Science, Univ Newcastle, 2005.
［10］ Kremer S, Markowitch O, Zhou J. An Intensive Survey of Fair Non-repudiation Protocols ［J］. Computer Communications, 2002, 25(17): 1606-1621.
［11］ You C, Zhou J, Lam K. On the Efficient Implementation of Fair Non-repudiation ［J］. Computer Communication Review, 1998, 28(5): 50-60.

[1]	张涛;马建峰;莫若;李琦;习宁. 服务组合中保障公平性的信誉传播算法[J]. 西安电子科技大学学报, 2016, 43(2): 70-76.
[2]	张昌利;侯蓉晖. 社会化标签系统语义相关度的拓扑图法计算[J]. J4, 2012, 39(3): 196-201.
[3]	黄伯虎;段振华. 量子遗传算法在Web服务选择中的应用[J]. J4, 2010, 37(1): 56-61+67.
[4]	门鹏;段振华. 一种基于Petri网的自动Web服务组合算法[J]. J4, 2008, 35(4): 609-613.
[5]	黄健斌1;2;姬红兵1;孙鹤立3. 多源Web对象与关系数据的集成 [J]. J4, 2007, 34(1): 126-130.
[6]	宣荣喜(1);应zhe(2). 基于AT91M40800微控制器的嵌入式Web技术[J]. J4, 2006, 33(3): 482-485.
[7]	黄健斌1;2;姬红兵1. 基于模糊概念格的Web搜索结果聚类算法[J]. J4, 2005, 32(6): 856-860.
[8]	张喜民;张建国;周利华. 微嵌入式系统Web服务器技术[J]. J4, 2005, 32(1): 116-121.
[9]	权义宁;王宝树;李凤华. WWW访问数据库的技术[J]. J4, 2001, 28(2): 264-268.
[10]	暂时无作者信息. Internet/Web数据挖掘研究现状及最新进展[J]. J4, 2001, 28(1): 114-120.
[11]	暂时无作者信息. 扩展ISAPI支持基于Web应用系统的开发[J]. J4, 1998, 25(5): 0-0.

一种实用的面向Web的公平防抵赖协议

Practical Web-oriented fair non-repudiation protocol

PDF (PC)

赞

可视化

摘要/Abstract

引用本文

使用本文

参考文献

相关文章 11

Metrics

本文评价

推荐阅读 0