臺灣博碩士論文加值系統

行動代理人的優點在於執行任務(task)時可以恣意移動於不同環境之中，同時也會依照所處的環境進行自動偵測與自我修正(adapting)，並完成使用者所指派的task。由於它具備了上述的這些特性，使得行動代理人可以廣泛的被應用在不同領域之中，像是電子商務、無線通訊與資訊安全技術等。在1983年，Akl和Taylor [1]提出了superkey的概念，解決了行動代理人的金鑰管理概念。之後在1998年，Volker和Mehrdad [2]提出樹狀架構的存取控制行動代理人模型。因此本篇論文將使用公開金鑰為基礎的概念和階層式行動代理人模型，並且加入橢圓曲線加密系統(Elliptic Curve Cryptosystem, ECC)的機制，使用橢圓曲線可以增加行動代理運算能力，因為橢圓曲線具有較短的金鑰長度和加密與解密時有較高的效能特性。此外，使用者在使用此階層式架構一段時間後，將會發生因故退出系統或變更使用權限的情形，此時，為了避免使用者繼續使用舊有的金鑰被非法延續使用，而系統必須不斷的更新金鑰，以變更金鑰原有的存取權限，此做法可能會引起不必要的錯誤與風險之外，同時系統也需花費大量的計算成本，因此，本篇論文將提出日期限制金鑰管理機制，以金鑰附加日期的方式，將金鑰賦予使用期限，如此一來，使金鑰管理更有效率。

The core competencies that a mobile agent possesses are free-roaming between different Internet environment, and autonomous environment detection and adaptation while executing the tasks that are assigned by the users. Because of these competencies, the concept of mobile agent is widely used in many different fields, such as Internet business, wireless communication, and information security technologies and etc... In 1983, Akl and Taylor [1] suggested the concept of superkey to resolve the key management issues faced by the mobile agent. Later in 1998, Volker and Mehrdad [2] proposed a tree base mobile agent model for access control. The proposed paper would be based upon the studies of public key and a hierarchical mobile agent model with addition of Elliptic Curve Cryptosystem (ECC). ECC enhances the operational ability of mobile agent model, because of shorter key length and higher efficiency on encryption and decryption. Besides, after using this hierarchical structure for a period of time, user will be log out of the system due to error or change in user rights. At this time, to prevent a user from illegally continuing to use the old key, the system must continue to update the key in order to change the original access rights of the key, this action could cause unnecessary error and risks and at the same time the system also needs to perform large amount of computations. Therefore, this paper proposes Date-constraint key management scheme, where a date is attached to the key, so as to give a validity period to the key. Thus, key management can be more efficient.

摘要………………………………………………………………………………I
Abstract……………………………………………..…………………….……..II
致謝………………………………………………..…………………….…......III
目錄…….............................................................................................................IV
圖目錄……………………………………..…………..……………..….........VI
表目錄…............................................................................................................VII
Chapter 1 Introduction 1
1.1 Research Motivation 1
1.2 Research Object 2
1.3 Thesis Organization 3
Chapter 2 Related Work 5
2.1 Mobile Agent 5
2.2 Elliptic Curve Cryptosystem 7
2.3 Overview of Volker and Mehrdad’s Scheme 10
2.4 Overview of Hierarchy-based Key Assignment Scheme with Date-constraint 13
Chapter 3 Research Method 16
3.1 Initialization Phase 18
3.2 Key Assignment Phase 18
3.3 Key Derivation Phase 19
3.4 Key Expiration Check Phase 19
3.5 Key Signature Check Phase 19
Chapter 4 Security analysis 23
Chapter 5 Conclusion and Future Work 26
5.1 Conclusion 26
5.2 Future Work 27

Figure 1.2.1: The analysis of security and performance for ECC and RSA….....2
Figure 2.4.1: Framework of mobile agent based on tree structure……...….…..10
Figure 2.4.2: Access structure of key management in V & M’s method.........…11
Figure 3.1: Structure of decryption keys for mobile agent……..………………16
Table 2.2.1: Points over the elliptic curve E23(1, 1) 8

[1]S. G. Akl, P. D. Taylor(1983), “Cryptographic solution to a problem of access control in a hierarchy,” ACM Transactions on Computer Systems” Vol. 1, Issue 3, pp. 239– 248.
[2]R. Volker, J.S. Mehrdad(1998), “Access control and key management for mobile agents,” Computer Graphics, Vol. 22, Issue 4, pp. 457– 461.
[3]A. Karmouch(1998), “Mobile Software Agents for Telecommunications,” Guest Editorial, IEEE Communications Magazine, Vol. 36, No. 7, July, pp. 24-25.
[4]I. C. Lin, H. H. Ou, M. S. Hwang(2004), “Efficient access control and key management schemes for mobile agents,” Computer Standards & Interfaces, Vol. 26, No. 5, pp. 423–433.
[5]F. Hohl(1998), “A model of attacks malicious hosts against mobile agents,” Proceedings of the 4th Workshop on Mobile Object Systems: Secure Internet Mobile Computations, Brussels, Belgium, pp. 105–120.
[6]D. B. Lange, M. Oshima(1998), “Programming and Deploying Java Mobile Agents with Aglets, Addison-Wesley Press,” Massachusetts, USA
[7]N. Koblitz(1987), “Elliptic Curve Cryptosystems,” Mathematics of Computation, Vol. 48, No. 177, pp. 203-209.
[8]V. S. Miller(1986), “Use of Elliptic Curves in Cryptography,” Advances in Cryptology: Proceedings of Crypto ''85, Vol. 218, pp. 417-426.
[9]S. T. Wu(2005), “Authentication and Group Secure Communications Using Elliptic Curve Cryptography,” Doctoral Dissertation, National Taiwan University of Science and Technology, Taipei.
[10]Y. F. Chung, H. H. Lee, F. Lai and T. S. Chen(2008), “Access control in user hierarchy based on elliptic curve cryptosystem,” Information Sciences, Vol. 178, No. 1, pp. 230-243.
[11]C. W. Shieh(2006), “An Efficient Design of Elliptic Curve Cryptography Processor,” Master Thesis, Tatung University, Taipei.
[12]K. H. Huang, Y. F. Chung, C. H. Liu, F. Lai and T. S. Chen(2007), “Efficient migration for mobile computing in distributed networks,” Computer Standards & Interfaces.
[13]D. Johnson, A. Menezes and S. Vanstone(2001), “The Elliptic Curve Digital Signature Algorithm (ECDSA),” Information Security, Vol. 1, pp. 36-63.
[14]L. H. Jen(2005), “Study and Implementation of Elliptic Curve Cryptosystem,” Master Thesis, National Sun Yat-Sen University of Technology, Kaohsiung.
[15]J. H. Li(2004), “Hierarchy-Based Key Assignment Scheme with Date-Constraint,” Master Thesis, Feng Chia University, Taichung.