可適用於安全交易模型的行動計算之應用研究

Kuo-Hsuan Huang; 黃國軒

請用此 Handle URI 來引用此文件： http://tdr.lib.ntu.edu.tw/jspui/handle/123456789/26886

完整後設資料紀錄

DC 欄位	值	語言
dc.contributor.advisor	賴飛羆
dc.contributor.author	Kuo-Hsuan Huang	en
dc.contributor.author	黃國軒	zh_TW
dc.date.accessioned	2021-06-08T07:30:38Z	-
dc.date.copyright	2008-07-02
dc.date.issued	2008
dc.date.submitted	2008-06-26
dc.identifier.citation	[1] ITU Internet Report 2006: digital.life. [Online]. Available: http://www.itu.int/osg/spu/publications/digitalife/ [2] R.M. Antonio, S.M. Daniel, M.M. Maria and F.G.S. Antonio, “A Survey of Electronic Signature Solutions in Mobile Devices,” Journal of Theoretical and Applied Electronic Commerce Research, Vol. 2, No. 3, pp. 94-109, 2007. [3] H. Gruber and F. Verboven, “The Diffusion of Mobile Telecommunications Service in the European Union,” European Economic Review, Vol. 45, No. 3, pp. 577-588, 2001. [4] S. Feldman, “Electronic Marketplaces,” IEEE Internet Computing, Vol. 4, No. 4, pp. 93-95, 2000. [5] P. Valiente and Heijden, “A Method to Identify Opportunities for Mobile Business Porcesses,” SSE/EFI Working Paper Series in Business Administration, Vol.10, August 2002. [6] U. Varshney and R. Vetter, “Mobile Commerce: Framework, Applications and Networking Support,” ACM/Kluwer Journal on Mobile Networks and Applications, Vol.7, No. 3, pp. 185-198, 2002. [7] A. Gunasekaran and E. Ngai, “Special Issue on Mobile Commerce: Strategies, Technology and Applications, MCSTA,” Decision Support System, pp. 1-3, 2003. [8] R. Dean, “Personalizing Your Web Site,” 1998. Available: http://www.builder.com/ business/personal [9] D.B. Lange and M. Oshima, “Programming and Deploying Java Mobile Agents with Aglets,” Addison-Wesley Longman Publishing Co., Inc. Boston, MA, USA, 1998. [10] T. Selker, “Coach: A Teaching Agent that Learns,” Communications of the ACM, Vol. 37, No. 7, pp. 92-99, 1994. [11] M.R. Genesereth and S.P. Ketchpel, “Software Agents,” Communications of the ACM, Vol. 37, No. 7, pp. 48-53, 1994. [12] J.K. Ousterhout, “Script and Agents: The New Software High Ground,” Invited Talk, USENIX Conference, 1995. [13] C. Castelfranchi, “Guarantees for Autonomy in Cognitive Agent Architecture,” In M. Wooldridge and N.R. Jennings, Ed., Intelligent Agents: Theories, Architectures, and Languages, Springer, pp. 56-70, 1995. [14] M. Wooldridge and N.R. Jennings, “Intelligent Agents: Theory and Practice,” Knowledge Engineering Review, Vol. 10, No. 2, pp. 115-152, 1995. [15] J. Ferber, “Multi-Agent Systems: An Introduction to Distributed Artificial Intelligence,” Addison Wesley, New York, 1999. [16] N.R. Jennings, K. Sycara and M. Wooldridge, “A Roadmap of Agent Research and Development,” Autonomous Agents and Multi-Agent Systems, Vol. 1, pp. 7-38, 1998. [17] F. Zambonelli, N.R. Jennings, A. Omicini and M. Wooldridge, “Agent-Oriented Software Engineering for Internet Applications,” Coordination of internet agents: models, technologies and applications, Springer-Verlag, Heidelberg, Germany, pp. 326-346, 2000. [18] H.S. Nwana, L.C. Lee and N.R. Jennings, “Coordination in software agent systems,” The British Telecom Technical Journal, Vol. 14, No. 4, pp. 79-88, 1996. [19] M.N. Huhns and L.M. Stephens, “Multiagent Systems and Societies of Agents, Multiagent systems: a modern approach to distributed artificial intelligence,” The MIT Press, Cambridge, MA, USA, 79-120 (1999). [20] S.W. Loke, A. Rakotonirainy and K. Schulz, “Location-Based Personal Agents: A Metaphor for Situated Computing,” In Proceeding of IEEE International Workshop on Parallel Processing, Toronto, Canada, pp. 21-24, 2000. [21] J.E. White, “A High-level Framework for Network-based Resource Sharing,” In Proceeding of the AFIPS Conference, pp. 561-570, 1976. [22] D.B. Lange and M. Oshima, “Seven Good Reasons for Mobile Agents: Dispatch Your Agents; Shut off Your Machine,” Communications of the ACM, Vol. 42, No. 3, pp. 88-89, 1999. [23] W. Jansen and T. Karygiannis, “Mobile Agent Security,” NIST Special Publication 800-19, pp. 1-38, 1999. [24] W.A. Jansen, “Countermeasure for Mobile Agent Security,” Computer Communication, Vol. 23, pp.1667-1676, 2000. [25] Bierman, Elmarie, T. Pretoria and E. Cloete, “Classification of Malicious Host Threats in Mobile Agent Computing,” In proceeding of SAICSIT 2002, pp. 141-148, 2002. [26] L. Ma and J.J.P. Tsai, “Formal Modeling and Analysis of a Secure Mobile-Agent System,” IEEE Transactions on Systems, Man, and Cybernetics—Part A: Systems and Humans, Vol. 38, No. 1, pp. 180-196, 2008. [27] M.H. Kuo, “An Intelligent Agent-based Collaborative Information Security Framework,” Expert Systems with Applications, Vol. 32, pp. 585-598, 2007. [28] S. Hacini, Z. Guessoum and Z. Boufaida, “TAMAP: a New Trust-based Approach for Mobile Agent Protection,” Journal in Computer Virology, Vo. 3, pp. 267-283, 2007. [29] D. Chaum and H. van Antwerpen, “Undeniable Signatures,” Advances in Cryptology-Crypto’89, LNCS 435, pp. 212-216, Springer-Verlag, 1989. [30] K. Kurosawa and T. Takagi, “New Approach for Selectively Convertible Undeniable Signature Schemes,” Advances in Cryptology- ASIACRYPT 2006, LNCS 4284, pp. 428-443, Springer-Verlag, 2006. [31] W. Ogata, K. Kurosawa and S.H. Heng, “The Security of the FDH Variant of Chaum's Undeniable Signature Scheme,” IEEE Transactions on Information Theory, Vol 52, No. 5, pp. 2006-2017, 2006. [32] L. El Aimani and D. Vergnaud, “Gradually Convertible Undeniable Signatures,” In Proceedings of the Applied Cryptography and Network Security, LNCS 4521, pp. 478-496, Springer-Verlag, 2007. [33] H. Krawczyk and T. Rabin, “Chameleon Signatures,” In Proceedings of the Network and Distributed System Security Symposium, pp. 143-154, 2000. [34] G. Ateniese and B. de Medeiros, “Identity-based Chameleon Hash and Applications,” In Proceedings of the Financial Cryptography 2004, LNCS 3110, pp.164-180, Springer-Verlag, 2004. [35] X. Chen, F. Zhang and K. Kim, “Chameleon Hashing without Key Exposure,” In Proceedings of the 7th Information Security Conference, LNCS 3225, pp. 87-98, Springer-Verlag, 2004. [36] G. Ateniese and B. de Medeiros, “On the Key Exposure Problem in Chameleon Hashes,” In Proceedings of the 4th Conference on Security in Communication Networks, LNCS 3352, pp. 165-179, Springer-Verlag, 2005. [37] W. Gao, X.L. Wang and D.Q. Xie, “Chameleon Hashes without Key Exposure based on Factoring,” Journal of Computer Science and Technology, Vol. 22, No. 1, pp. 109-113, 2007. [38] M. Zhang, G. Chen and J. Li, “Efficient ID-based Proxy Chameleon Signature from Bilinear Pairings,” In Proceedings of the First International Multi-Symposiums on Computer and Computational Sciences, Vol. 2, pp. 135-141, 2006. [39] A. Shamir and Y. Tauman, “Improved Online/Offline Signature Schemes,” Advances in Cryptology-Crypto 2001, LNCS 2139, pp.355-367, Springer-Verlag, 2001. [40] S. Even, O. Goldreich and S. Micali, “On-line/Off-line digital signatures,” Journal of Cryptology, Vol. 9, No. 1, pp.35-67, Springer-Verlag, 1996. [41] C. Crutchfield, D. Molnar, D. Turner and D. Wagner, “Generic On-line/off-line Threshold Signatures,” In Proceedings of the 9th International Conference on Theory and Practice in Public-Key Cryptography-PKC 2006, LNCS 3958, pp.58-74, Springer-Verlag, 2006. [42] K. Kurosawa and K.S. Samoa, “New On-line/Off-line Signature Schemes without Random Oracles, In Proceedings of the 9th International Conference on Theory and Practice in Public-Key Cryptography-PKC 2006, LNCS 3958, pp.330-346, Springer-Verlag, 2006. [43] X. Chen, F. Zhang, W. Susilo and Y. Mu, “Efficient Generic On-line Off-line Signatures without Key Exposure,” ACNS 2007, LNCS 4521, pp. 18-30, 2007. [44] S.S. Grosche and H. Knospe, “Secure Mobile Commerce,” Electronics & Communication Engineering Journal, pp. 228-238, 2002. [45] A. Tsalgatidou and E. Pitoura, “Business Models and Transactions in Mobile Electronic Commerce: Requirements and Properties,” Computer Networks, Vol. 37, pp. 221-236, 2001. [46] J.A. Senn, “The Emergence of M-Commerce,” Computer, pp.148-150, 2000. [47] U. Varshney, R. Vetter and R. Kalakota, “Mobile Commerce: A New Frontier,” Computer, pp. 32-38, 2000. [48] M. Yao, E. Foo, K. Peng and E. Dawson, “An Improved Forward Integrity Protocol for Mobile Agents,” In Proceedings of the 4th International Workshop on Information Security Applications, LNCS 2908, pp. 272-285, Springer-Verlag, 2003. [49] P. Kotzanikolaou, M. Burmester and V. Chrissikopoulos, “Secure Transactions with Mobile Agents in Hostile Environments,” In Proceedings of the 5th Australasian Conference on Information Security and Privacy, LNCS 1841, pp. 289-297, Springer-Verlag, 2000. [50] B. Lee, H. Kim and K. Kim, “Secure Mobile Agent Using Strong Non-designated Proxy Signature,” In Proceedings of the 6th Australasian Conference on Information Security and Privacy, LNCS 2119, pp. 474-486, Springer-Verlag, 2001. [51] H. Kim, J. Baek, B. Lee and K. Kim, “Secret Computation with Secrets for Mobile Agent using One-time Proxy Signature,” In Proceedings of the 2001 Symposium on Cryptography and Information Security, pp. 845-850, 2001. [52] Y. Shi, L. Cao and X. Wang, “A Security Scheme of Electronic Commerce for Mobile Agents uses Undetachable Digital Signatures,” In Proceedings of the 3rd international conference on Information security, ACM International Conference Proceeding Series Vol. 85, pp. 242-243, 2004. [53] C. Wang and H.F. Leung, “Mobile Agents for Secure Electronic Commerce Transactions with Privacy Protection of the Customers,” In Proceedings of the 2005 IEEE International Conference on e-Technology, e-Commerce and e-Service, pp. 530-535, 2005. [54] M. Yao, M. Henricksen, G. Maitland, E. Foo and E. Dawson, “A Mobile Agent System Providing Offer Privacy,” In proceedings of the 9th Australasian Conference on Information Security and Privacy, LNCS 3108, pp. 301-312, Springer-Verlag, 2004. [55] M. Yao, M. Henricksen, E. Foo and E. P. Dawson, “Offer Privacy in Mobile Agents using Conditionally Anonymous Digital Signatures,” In proceedings of First International Conference on Trust and Privacy in Digital Business, LNCS 3184, pp. 132-141, Springer-Verlag, August 2004. [56] S. Han, E. Chang and T.S. Dillon, “Secure E-Transactions Protocol using Intelligent Mobile Agents with Fair Privacy,” In Studies in Computational Intelligence, pp. 307-326, 2007. [57] W.S. Juang, H.T. Liaw, P.C. Lin and C.K. Lin, “The Design of a Secure and Fair Sealed-bid Auction Service.” Mathematical and Computer Modeling, Vol.41, No. 8-9, pp. 973-985, 2005. [58] K. Peng and E. Dawson, “Efficient Bid Validity Check in ElGamal-Based Sealed-Bid E-Auction,” In proceedings of the third International Conference on Information Security Practice and Experience, LNCS 4464, pp. 209-224, Springer-Verlag, 2007. [59] D.H. Shih, B. Lin and S.Y. Huang, “MoRVAM: A Reverse Vickrey Auction System for Mobile Commerce,” Expert Systems with Applications, Vol. 32, pp. 1113-1123, 2007. [60] C.C. Wu, C.C. Chang and I.C. Lin, “New Sealed-bid Electronic Auction with Fairness, Security and Efficiency,” Journal of Computer Science and Technology, Vol. 23, No. 2, pp. 253-264, 2008. [61] K. Omote and A. Miyaji, “A Practical English Auction with One-time Registration,” In Proceedings of Australasian Conference on Information Security and Privacy, pp. 221-234, 2001. [62] K. Omote and A. Miyaji, “A practical English auction with simple revocation,” IEICE Transactions Fundamentals, E85-A(5), pp. 1054-1061, 2002. [63] L.B. Bhajantri, S.S. Manvi, M.S. Kakkasageri and S.S. Nandi, “Auction System in Wireless Environment,” In proceedings of the 7th WSEAS International Conference on Applied Computer Science, pp. 232-237, 2007. [64] C.C. Chang, Y.F. Chang, “Efficient Anonymous Auction Protocols with Freewheeling Bids,” Computers and Security, Vol. 22, No. 8, pp. 728-734, 2003. [65] R. Jiang, L. Pan, J.H. Li, “An Improvement on Efficient Anonymous Auction Protocols,” Computers and Security, Vol. 24, Vol. 2, pp. 169-174, 2005. [66] M.S. Hwang, E.J. Lu and I.C. Lin, “Adding timestamps to the secure electronic auction protocol,” Data and Knowledge Engineering, Vol. 40, No. 2, pp. 155-162, 2002. [67] H.T. Liaw, W.S. Juang and C.K. Lin, “An Electronic Online Bidding Auction Protocol with Both Security and Efficiency,” Applied Mathematics and Computation, Vol. 174, No. 2, pp. 1487-1497, 2006. [68] K. Nguyen and J. Traore, “An online public auction protocol protecting bidder privacy,” In Proceedings of Australasian Conference on Information Security and Privacy, pp. 427-442, 2000. [69] B. Lee, K. Kim and J. Ma, “Efficient Public Auction with One-time Registration and Public Verifiability,” In Proceedings of the International Conference on INDOCRYPT, pp. 162-174, 2001. [70] Y.F. Chang and C. C. Chang, “Enhanced Anonymous Auction Protocols with Freewheeling Bids,” In Proceedings of the 20th International Conference on Advanced Information Networking and Applications, Vol. 1, pp. 353-358, 2006.
dc.identifier.uri	http://tdr.lib.ntu.edu.tw/jspui/handle/123456789/26886	-
dc.description.abstract	隨著無線網路技術的發展，以及行動裝置在計算與儲存能力的提升，行動計算的相關應用也愈趨於多元化。透過行動裝置，使用者得以不受限於特定地域，使用網際網路所提供的既有服務，同時也進行網路資源的存取。然而，網路的有效性對於行動計算的效能，具有關鍵性的影響力。為了降低行動使用者對於網路有效性的依存度，本研究將行動代理人技術導入行動計算應用中，利用行動代理人的特性—自主性與機動性，協助無線網路環境的行動使用者，進行資料的蒐集與電子交易的執行。在以代理人為基礎的交易協定中，行動代理人攜帶使用者交付的資料，在網路中的各個主機之間遷移，並且執行任務；完成任務之後，再將執行結果攜回至使用者端。就執行效能而言，這種交易協定提供行動使用者一個省時、省力的交易方式；但就安全性而言，如何確保代理人所攜帶的資料不會遭受非法竄改及竊取，將是一個不容忽視的研究課題。行動網路上的電子交易應用策略，系統的設計除了必須滿足執行上的功能，同時也必須符合安全上的需求。因此，本研究提出兩種安全交易協定，分別針對商品價格蒐集與線上拍賣所設計，這是相當常見的電子交易活動。由於商品價格蒐集與線上拍賣交易的交易性質各異，為因應其差異性，必須採取不同的數位簽章機制，以達到所需的安全需求。針對商品價格蒐集的交易協定，本研究提出變色龍簽章機制提供商家對商品報價進行簽署。這種簽章方式允許使用者驗證報價及其簽章的合法性，但卻無法向第三方證明該價格是由某一商家所提供，以避免使用者據此要求其他商家提供更低報價的依據，因此可以避免商場上的惡性競爭。針對重複喊價模式的拍賣交易協定，本研究則提出線上/離線簽章機制，提供競標者對不斷更換的競標價進行簽署。在滿足競標不可否認性的同時，即使對計算能力較差的行動裝置而言，也不致於造成太大的計算負擔。代理人在所提協定中的功能，主要在於協助行動使用者蒐集商品資訊及參與商品拍賣競價；由於量身設計之故，應用系統的安全性更為完整，包括使用者身分的隱私性、交易資料的完整性、交易的不可否認性與公平性，以及資訊傳遞的機密性等，俱可滿足。	zh_TW
dc.description.abstract	Mobile computing applications are becoming increasingly diversified with advances in wireless network technology and the availability of personal mobile devices with enhanced computation and storage capabilities. With mobile devices, users no longer have to be geographically restricted in order to use networked services and access network resources. However, effective network availability plays a critical role in the computing power of mobile devices. To reduce mobile users’ dependence on effective network availability, this study implements mobile agent technology in mobile computing applications, making use of autonomy and mobility features of mobile agents. This allows mobile users to perform data collection and electronic transactions in a wireless network environment. In an agent-based transaction protocol, mobile agents carry information provided by the user and are able to migrate between hosts to execute tasks. After the tasks are completed, the execution results are sent back to the user-end. In terms of execution performance, this transaction protocol provides mobile users with a time-saving and labor-saving trading method. The issue of safety i.e. ensuring the information carried by mobile agents is not modified or eavesdropped on becomes important and cannot be ignored. In designing applied strategies for electronic transactions on a mobile network, safety must be considered along with functionality. This study proposes two secure transaction protocols aimed at two common electronic transaction activities, i.e. price collection and online auction. Price collection and online auction are different kinds of transactions; therefore different digital signature mechanisms must be adopted to meet their security needs. For price collection, this study proposes a chameleon signature scheme for vendors to generate signatures for the pricing of goods. This allows mobile users to verify the validity of the pricing and the legitimacy of the signature. However they are unable to prove to a third party that the price is provided by a certain vendor. Thus, users cannot use the opportunity to request a lower price from other vendors; this prevents market price disruption and vicious competition. For transaction protocols used in online auctions, where repeat biddings occur, this study proposes an on-line/off-line signature scheme which lets bidders generate signatures for the ever-changing bid prices. The bidding process will achieve non-repudiation, and no undue burden will be placed on devices with less computing power. In the proposed protocols, mobile agents help users gather information on goods and participate in online auctions. Since the protocols are tailored to the user’s needs, the security of the application system is comprehensively enhanced. The issues addressed include preserving the privacy of the user’s identity, the integrity of transaction information, non-repudiation and fairness of transactions, and the confidentiality of information exchange.	en
dc.description.provenance	Made available in DSpace on 2021-06-08T07:30:38Z (GMT). No. of bitstreams: 1 ntu-97-D92921013-1.pdf: 472434 bytes, checksum: 6c8f4f9a73efbf5ddd7127b9777cb933 (MD5) Previous issue date: 2008	en
dc.description.tableofcontents	Chapter 1 — Introduction 1 1.1 Background of the Research 1 1.2 Motivation of the Research 3 1.3 Targets and Contributions of the Research 6 1.4 Organization of the dissertation 8 Chapter 2 — Overview of Agent Technology 11 2.1 Agents and Multi-Agent Systems 11 2.2 Characteristics and Advantages of Mobile Agents 13 2.3 Security Threats of Mobile Agents 17 2.4 Security Requirements of Mobile Agents 21 Chapter 3 — Chameleon Hash and its Applications 25 3.1 Preface 25 3.2 New Chameleon Hash Scheme 28 3.3 Proposed Chameleon Signature Scheme 29 3.4 Proposed On-line/Off-line Signature Scheme 34 3.5 Discussion 36 Chapter 4 — Mobile Purchasing Agent Model using Agent-based Price Collection Protocol 37 4.1 Preface 37 4.2 MoPAM: Mobile Purchasing Agent Model 40 4.3 Proposed Agent-based Price Collection Protocol 44 4.4 Analysis of Privacy and Security 53 4.5 Discussion 57 Chapter 5 — Mobile Auction Agent Model using Agent-based English Auction Protocol 59 5.1 Preface 59 5.2 MoAAM: Mobile Auction Agent Model 61 5.3 Proposed Agent-based English Auction Protocol 65 5.4 Analysis of Privacy and Security 73 5.5 Discussion 78 Chapter 6 — Conclusions and Future Work 81 6.1 Conclusions 81 6.2 Future work 82 Bibliography 85
dc.language.iso	en
dc.subject	電子交易協定	zh_TW
dc.subject	行動計算	zh_TW
dc.subject	行動代理人	zh_TW
dc.subject	變色龍雜湊	zh_TW
dc.subject	變色龍簽章	zh_TW
dc.subject	線上/離線簽章	zh_TW
dc.subject	Mobile Agent	en
dc.subject	On-line/Off-line Signature	en
dc.subject	Chameleon Signature	en
dc.subject	Chameleon Hash	en
dc.subject	Mobile Computing	en
dc.subject	Electronic Transaction Protocol	en
dc.title	可適用於安全交易模型的行動計算之應用研究	zh_TW
dc.title	A Study on Mobile Computing Applications to Secure Transaction Models	en
dc.type	Thesis
dc.date.schoolyear	96-2
dc.description.degree	博士
dc.contributor.oralexamcommittee	沈榮麟,周君彥,王立中,鐘玉芳,陳澤雄,李鴻璋
dc.subject.keyword	行動計算,行動代理人,變色龍雜湊,變色龍簽章,線上/離線簽章,電子交易協定,	zh_TW
dc.subject.keyword	Mobile Computing,Mobile Agent,Chameleon Hash,Chameleon Signature,On-line/Off-line Signature,Electronic Transaction Protocol,	en
dc.relation.page	93
dc.rights.note	未授權
dc.date.accepted	2008-06-26
dc.contributor.author-college	電機資訊學院	zh_TW
dc.contributor.author-dept	電機工程學研究所	zh_TW
顯示於系所單位：	電機工程學系

文件中的檔案：

檔案	大小	格式
ntu-97-1.pdf 未授權公開取用	461.36 kB	Adobe PDF

顯示文件簡單紀錄

系統中的文件，除了特別指名其著作權條款之外，均受到著作權保護，並且保留所有的權利。