Please use this Handle URI to cite this document:
http://tdr.lib.ntu.edu.tw/jspui/handle/123456789/40391
Full metadata record
DC Field | Value | Language |
---|---|---|
dc.contributor.advisor | 莊裕澤(Yuh-Jzer Joung) | |
dc.contributor.author | Kuen-Lung Chuang | en |
dc.contributor.author | 莊昆隆 | zh_TW |
dc.date.accessioned | 2021-06-14T16:46:26Z | - |
dc.date.available | 2008-08-04 | |
dc.date.copyright | 2008-08-04 | |
dc.date.issued | 2008 | |
dc.date.submitted | 2008-07-30 | |
dc.identifier.uri | http://tdr.lib.ntu.edu.tw/jspui/handle/123456789/40391 | - |
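dc.description.abstract | MOSP is a protocol under development. It is an object-oriented system protocol suited to distributed, open environments, and it can express object-oriented programming language features such as inheritance, interfaces, polymorphism and encapsulation very well over the network. It is a new protocol that may well become a mainstream network protocol in the future. MOSP does not yet have a security mechanism of its own, and providing one is work that must be done before MOSP becomes widespread.
In this thesis, we first discuss the security mechanisms MOSP needs, and then implement security mechanisms appropriate for MOSP, including authentication and authorization. We then discuss what characteristics the MOSP security mechanism has under these conditions, which limitations need attention, and how much MOSP's performance drops once these mechanisms are added. Keywords: authentication, authorization, object-oriented | zh_TW |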
dc.description.abstract | MOSP is an object-oriented protocol that is suitable for distributed, open environments. It can easily present OO characteristics such as inheritance, interfaces, polymorphism and encapsulation. It may well become one of the main Internet protocols. MOSP currently has no security mechanism of its own, and one should be provided before it becomes popular.
In this thesis, we discuss what kinds and levels of security mechanism MOSP needs. We then implement this security mechanism, including authentication and authorization. Finally, we discuss this security mechanism's characteristics and limitations. Keywords: authentication, authorization, object-oriented. | en |
dc.description.provenance | Made available in DSpace on 2021-06-14T16:46:26Z (GMT). No. of bitstreams: 1 ntu-97-R95725027-1.pdf: 890326 bytes, checksum: 9ea95c811defa48528cf581b2f15b404 (MD5) Previous issue date: 2008 | en |
dc.description.tableofcontents | Acknowledgements ii
Thesis Abstract (in Chinese) iii THESIS ABSTRACT iv Chapter 1 Introduction 1 1.1 What is MOSP? 1 1.2 Motivation 3 1.3 Challenges 3 1.3.1 Problems arising from object orientation 3 1.3.2 Implementing Single Sign-On in an open system 4 1.4 Expected goals 5 Chapter 2 Literature Review 6 2.1 The MOSP protocol 6 2.1.1 MOSP Service in Java 6 2.1.2 Java Binding 7 2.1.3 Object-Oriented MOSP 7 2.1.4 Security issues in MOSP 8 2.2 Some Similar Systems 9 2.2.1 HTTP 9 2.2.2 Web Service and WS-Security 11 2.2.3 Kerberos 14 2.2.4 JINI 16 2.2.5 JXTA: P2P 19 2.2.6 Brief Summary 22 2.3 Authentication algorithms 23 2.4 Single Sign-On 28 2.4.1 OpenID 29 2.4.2 Windows Live ID 31 2.4.3 Brief Summary 32 2.5 Credential delegation 33 2.5.1 Delegation 33 2.5.2 Authorization scope (Realms) 34 2.6 Java Inheritance and Security Inheritance 37 2.7 Summary 40 Chapter 3 System Design 42 3.1 System Overview 42 3.2 Object design and object interaction 47 3.2.1 User ID 48 3.2.2 Object Domain 49 3.2.3 Login() 50 3.2.4 AuthKey and Credential 52 3.2.5 UIdConfirm() 53 3.2.6 Active User ID (Auid) 54 3.2.7 AUIdConfirm() 55 3.2.8 Offline notification 56 3.2.9 Brief Summary 57 3.3 Authorization in MeshObject 58 3.3.1 Use authentication in Java Language Binding 59 3.4 Access Control 61 3.4.1 Access Control in Java Language Binding 61 3.5 Authorization scope 62 3.6 Summary 64 Chapter 4 Implementation and Examples 66 4.1 MeshObject 66 4.2 Peer 66 4.3 Connection and RequestHandler 68 4.4 Authentication server 70 4.5 AuthService for Service Provider 74 4.5.1 Service provider in the Java Language Binding 75 4.5.2 Capability of Systems 77 4.5.3 Examples 77 4.6 Summary 81 Chapter 5 Discussions 82 5.1 Login 82 5.2 UidConfirm 84 5.3 AuidConfirm 86 5.4 DeAuthorize 87 5.5 Brief Summary of attacks 88 5.6 Security Inheritance Discussion 88 5.6.1 Inheritance chain 89 5.6.2 Inheritance and Override 91 5.6.3 AccessControl Hierarchy 92 5.6.4 Brief summary 92 5.7 Summary 93 Chapter 6 Conclusion and Future work 94 Chapter 7 Appendix 96 7.1 Message design 96 7.1.1 Message format 96 7.2 Response Code 98 7.3 AccessControl flowchart 101 Bibliography 105 | |
dc.language.iso | zh-TW | |
dc.title | Object Authentication and Access Control Architecture on MOSP | zh_TW |
dc.title | Object Authentication and Access Control Architecture in Mesh Object Service Protocol | en |
dc.type | Thesis | |
dc.date.schoolyear | 96-2 | |
dc.description.degree | Master's | |
dc.contributor.oralexamcommittee | 邱舉明,羅乃維,林永松 | |
dc.subject.keyword | authentication, authorization, object-oriented | zh_TW |
dc.subject.keyword | authentication,authorization,object-oriented, | en |
dc.relation.page | 108 | |
dc.rights.note | Paid license | |
dc.date.accepted | 2008-07-31 | |
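dc.contributor.author-college | College of Management | zh_TW |
dc.contributor.author-dept | Graduate Institute of Information Management | zh_TW |
Appears in Collections: | Department of Information Management |
Files in This Item:
File | Size | Format | |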
---|---|---|---|
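ntu-97-1.pdf Not currently authorized for public access | 869.46 kB | Adobe PDF |
Items in the system are protected by copyright, with all rights reserved, unless their copyright terms are specifically indicated otherwise.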