(3.237.97.64) 您好!臺灣時間:2021/03/04 12:11
字體大小: 字級放大   字級縮小   預設字形  
回查詢結果

詳目顯示:::

我願授權國圖
: 
twitterline
研究生:陳皇文
研究生(外文):Huang-Wen Chen
論文名稱:適用於開放式網路環境之行動代理人保護機制
論文名稱(外文):Protecting Mobile Agents in an Open Network Environment
指導教授:謝續平謝續平引用關係
指導教授(外文):Shiuh-Pyng Shieh
學位類別:碩士
校院名稱:國立交通大學
系所名稱:資訊工程系
學門:工程學門
學類:電資工程學類
論文種類:學術論文
論文出版年:1999
畢業學年度:87
語文別:英文
論文頁數:45
中文關鍵詞:行動代理人安全授權智慧卡開放式網路
外文關鍵詞:mobile agentsecurityauthorizationIC cardopen network
相關次數:
  • 被引用被引用:0
  • 點閱點閱:72
  • 評分評分:系統版面圖檔系統版面圖檔系統版面圖檔系統版面圖檔系統版面圖檔
  • 下載下載:0
  • 收藏至我的研究室書目清單書目收藏:0
隨著行動代理人科技的快速發展,如何在開放式的網路通訊環境中保護行動代理人,使其免於受到其他主機攻擊的研究將愈形重要。行動代理人具有一項特質,即它的路徑無法在出發前決定,因此主機對於行動代理人的存取權限,也無法事先決定,沒受到適當保護的行動代理人則將受到惡意的攻擊。在這篇論文中,我們提出一套行動代理人的授權模型,可以動態的決定主機權限。在此模型中,行動代理人將攜帶數個子物件,每個物件可設立不同的存取政策,我們提出三種執行政策的方式並加以比較。為了展示本模型的優點,我們也搭配使用可抵抗攻擊的硬體裝置來協助授權,並配合授權與修改偵測機制,對欲存取該行動代理人的主機進行授權,以保護行動代理人所攜帶的子物件與資料。因此,行動代理人將可在開放式的網路環境中,達成保護自己的目標。

Protection of a mobile agent against malicious hosts has become an important issue in open network environments recently. An important property specific to a mobile agent is that its travelling path over hosts can not be predetermined, and therefore it is difficult to decide the access privileges of a visited host to the agent. Consequently, a mobile agent without adequate protection will expose itself to malicious attacks. In this thesis, we propose a protection scheme that provides a dynamic decision-maker for authorization and prevents a mobile agent from being attacked by malicious hosts. In our scheme, a mobile agent carries various objects that may be accessed by visited hosts. Each object of an agent is protected with predetermined policies enforced by different approaches. Three approaches to enforce policies are presented and compared. To demonstrate the power of our scheme, we also design the approach that uses IC cards for the determination of access privileges. Through the proposed authorization mechanism and unauthorized modification detector, authorization and object protection can be achieved. Thus, with our scheme, a mobile agent can be protected against attacks from hostile hosts in open network environments.

Chapter 1 Introduction1
1.1 Background1
1.2 Contributions4
1.3 Synopsis5
Chapter 2 Related Work6
2.1 Mobile Cryptography6
2.2 ABYSS: Architecture for Software Protection7
2.3 Trusted Service9
2.4 Code Mess Up11
2.5 Environmental Key12
2.6 Other techniques14
Chapter 3 Proposed Protection Scheme15
3.1 Authorization Mechanism15
3.2 Policies for Authorization16
3.3 Enforcement of Policies17
3.3.1 Predetermined Authorization with Cryptography18
3.3.2 Dynamic Authorization with Trusted Third Party19
Chapter 4 Authorization with IC Card21
4.1 System Components21
4.2 Mobile Agent Architecture25
4.3 Mechanisms28
4.3.1 Registration and Key Renewal for IC Card28
4.3.2 Authorization Mechanism29
4.3.3 Unauthorized Modification Detector31
4.4 Protection during the Life Cycle of Mobile Agents33
4.4.1 Creation Phase34
4.4.2 Arrival Phase35
4.4.3 Execution Phase36
4.4.4 Departure Phase38
4.4.5 Disposal Phase39
4.6 Security Analysis39
Chapter 5 Conclusions42
References43

[And97]Jean-Marc Andreoli, Frqncois Pacull, and Remo Pareschi, "XPECT: A Framework for Electronic Commerce," IEEE Internet Computing, pp.40-48, Jul. 1997.
[Cho95]Randy Chow and I-Lung Kao, "Modeling Complex Access Control Policies in Distributed Systems," Proceedings of the fifth IEEE Computer Security Workshop on Future Trends of, 1995.
[Far96] W. M. Farmer, J. D. Guttman, and V. Swarup, "Security for Mobile Agents: Issues and Requirements," Proceedings of 19th Nat'l Information Systems security conf. (NISSC 96), pp. 591-597, 1996.
[Gon97] L. Gong, M. Mueller, H. Prafullchandra, and R. Schemers, "Going Beyond the Sandbox: An Overview of the New Security Architecture in the Java Development Kit 1.2," Proceedings of the USENIX Symposium on Internet Technologies and Systems, pp. 103-112, Monterey, California, Dec. 1997.
[Gre98] Michael S. Greeberg and Jennifer C. Byington, Theophany Holding, David G. Harper, "Mobile Agents and Security," IEEE Communication Magazine, pp.76-85, Jul. 1998.
[Har95] C.D. Harrison, D.M. Chess, A. Kershenbaum, "Mobile Agents: Are they a good idea? ," IBM Research Report #RC 19887, IBM Research Division, 1995.
[Hoh97] F. Hohl, "Protecting mobile agents with blackbox security," Proceeding of 1997 Workshop Mobile Agents and Security, Univ. of Maryland, Oct. 1997.
[Jak98]Markus Jakobsson, Ari Juels, "X-Cash: Executable Digital Cash," Financial Cryptography '98, http://www.bell-labs.com/user/markusj /xcash.ps.
[Kar97] Gunter Karjoth, Danny B. Lange, and Mitsuru Oshima, "A Security Model for Aglets," IEEE Internet Computing, pp. 68-77, Jul. 1997.
[Kin97] Joseph Kiniry, Daniel Zimmerman, “A Hands-On Look at Java Mobile Agents,” IEEE Internet Computing, pp. 21-30, Jul. 1997.
[Lia99] Donglin Liang, "An Overview on Securing Mobile Agents," http://www.cis.ohio-state.edu/~dliang/CIS788.U11.
[Osh98] Mitsuru Oshima, Guenter Karjoth, and Kouichi Ono, "Aglets Specification 1.1 Draft," http://trl.ibm.co.jp/aglets/spec11.html, Sep. 1998.
[Pha98] Vu Anh Pham and Ahmed Karmouch, "Mobile Software Agents: An Overview," IEEE Communication Magazine, pp.26-37, Jul. 1998.
[Rio98] James Riordan and Bruce Schneier, "Environmental Key Generation Toward Clueless Agents," Mobile Agents and Security, Vigna, Giovnni (Ed.), LNCS Nr. 1419, Springer-Verlag, 1998.
[Rub98] Aviel D. Rubin, Daneil E. Geer, JR, "Mobile Code Security," IEEE Internet Computing, pp.30-34, Nov. 1998.
[San98] Tomas Sander, Christian F. Tschudin, “Towards Mobile Cryptography,” Proceedings of IEEE Security and Privacy'98 in Oakland, California, 3-6 May 1998.
[San98a] Tomas Sander and Christian F. Tschudin, "Protecting Mobile Agents Against Malicious Hosts," Mobile Agents and Security, Vigna, Giovnni (Ed.), LNCS Nr. 1419, Springer-Verlag, 1998.
[Sch96] B. Schneier: Applied Cryptography, ISBN 0-471-11709-9, J. Wiley & Sons Inc., 1996
[Ven97] B. Venners, "The Architecture of Aglets," JavaWorld, http://java-world.com/javaworld/jw-04-1997/jw-04-hood.html, Apr. 1997.
[Vog97] Hartmut Vogler, Thomas Kunkelmann, Marie-Louise Moschgath, "An Approach for Mobile Agent Security and Fault Tolerance using Distributed Transactions," Proceedings of the 1997 International Conference on Parallel and Distributed Systems in Seoul, Korea, pp. 268-274, 1997
[Weg87] Ingo Wegener, The Complexity of Boolean Functions, Eiley-Teubner, 1987.
[Whi90] S. R. White and L. Comerford, “ABYSS: Architecture for Software Protection,” IEEE Transactions on Software Engineering, Vol. 16, No. 6, pp. 619-629, Jun. 1990.

QRCODE
 
 
 
 
 
                                                                                                                                                                                                                                                                                                                                                                                                               
第一頁 上一頁 下一頁 最後一頁 top
系統版面圖檔 系統版面圖檔