
National Digital Library of Theses and Dissertations in Taiwan

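Graduate student: 朱啟仁
Graduate student (foreign-language name): Ju Chi-Ren
Thesis title: 分散式元件存取之認證架構
Thesis title (foreign language): A Certificate Architecture for Distributed Objects Access
Advisor: 陳正鎔
Degree: Master's
Institution: 國防管理學院
Department: 國防資訊研究所
Discipline: Computer science
Subject category: General computer science
Thesis type: Academic thesis
Year of publication: 2002
Academic year of graduation: 90
Language: Chinese
Number of pages: 82
Keywords (Chinese): certificate, role-based, access control, SPKI, XML
Keywords (foreign language): Certificate, Role-Based, Access Control, SPKI, XML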
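With the rapid growth of the Internet, users can conveniently request services from remote servers over the network. The access control matrix traditionally used on standalone machines performs increasingly poorly for user identification and access control in today's distributed environments.
As target resources become more diverse, the kinds of authorization can no longer be covered by the simple read, write, own and execute of the past. The traditional matrix is also costly to maintain: it usually takes the user as the subject that holds authorizations, so any change to a user forces updates to the control matrices of the related servers, which keeps maintenance costs high. In addition, taking the user as the subject cannot support the delegation of duties that frequently occurs in organizations. This is a major obstacle to computerizing organizational management, because a missing or poorly designed delegation mechanism in the access control architecture leads to business delays and disputes.
This research aims to provide a certificate-based access control method that conforms to the role-based access control model, so that an organization in a distributed environment can control its resources securely and precisely, in a way that better fits how the organization operates.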

With the development of the Internet, users can request services from remote servers. The traditional access control matrix, which was used on personal computers, is inefficient for identification and access control in a distributed environment.
Because the objects are varied, permissions are no longer adequately described as read, write, own, and execute. Furthermore, the access control matrix is more expensive and cannot offer the agent functions that are commonly needed in an organization. Because the matrix usually sets the permitted user as the subject, the access control does not support agent functions. This causes serious problems of business delays and disputes within the organization.
This research provides a certificate-based access control method that matches the role-based access control models, in order to perform detailed access control and cover the needs of organizational processes.

Chinese Abstract
Abstract
Acknowledgements
Table of Contents
List of Figures
List of Tables
Chapter 1 Introduction
1.1 Research Background
1.2 Research Motivation
1.3 Research Objectives and Scope
1.4 Research Methods and Steps
1.5 Thesis Organization
Chapter 2 Related Work
2.1 Access Control Policy: The Role-Based Access Control Model
2.1.1 Definitions of Terms
2.1.2 Base Model: RBAC0
2.1.3 Advanced Model Supporting Role Hierarchies: RBAC1
2.1.4 Advanced Model Supporting Policy Constraints: RBAC2
2.1.5 Consolidated Model: RBAC3
2.2 Reference Monitor: Certificate-Based Access Control Methods
2.2.1 Matrix-Based Reference Monitor
2.2.2 Certificate-Based Reference Monitor
2.3 Public Key Infrastructure: Simple Public Key Infrastructure
2.3.1 Introduction to the Simple Public Key Infrastructure
2.3.2 Execution Process of the SPKI Certification Architecture
2.3.3 SPKI Support for XML
2.3.4 Reasons for Adopting SPKI in This Architecture
Chapter 3 System Architecture
3.1 Components
3.1.1 Functions of the Certificate Authority
3.1.2 Functions of the Object Manager
3.1.3 Functions of the Role Manager
3.1.4 User Definition
3.2 Design of the Relationships Among Components
3.2.1 Management of Permissions Assignable by Object Managers
3.2.2 Management of Roles Assignable by Role Managers
3.2.3 Permission Assignment Management
3.2.4 User Assignment Management
3.2.5 Invalid Certificate Management
3.2.6 Management of Permitted Access Counts
3.3 Role Inheritance Policy
Chapter 4 Object Access Flows and Change Handling
4.1 Object Access Flows
4.1.1 Ordinary Object Access
4.1.2 Threshold Object Access
4.1.3 Count-Limited Object Access
4.1.4 Object Access by Role Delegation
4.2 Handling System Changes
4.2.1 Handling Permission Changes
4.2.2 Handling Role Changes
4.2.3 Handling User Changes
4.2.4 Handling Role Manager Changes
4.2.5 Handling Object Manager Changes
Chapter 5 Management Requirements and Security Analysis
5.1 Assessment of Management Requirements
5.1.1 Certificate Management
5.1.2 Data Exchange Management
5.1.3 Authorization Management
5.1.4 Configuration Operations Management
5.1.5 Relationship Change Management
5.2 Security Analysis
5.2.1 Security Foundations of Certificates and Transmission
5.2.2 Handling Fraudulent Use of Valid Certificates
5.2.3 Possibility of Certificate Tampering
5.2.4 Defense Against Replay Attacks
Chapter 6 Conclusions and Future Research Directions
6.1 Conclusions
6.2 Future Research Directions
References
