自主式社群網路身分的設計與實作

Yuxuan Lin; 林鈺烜

請用此 Handle URI 來引用此文件： http://tdr.lib.ntu.edu.tw/jspui/handle/123456789/55872

完整後設資料紀錄

DC 欄位	值	語言
dc.contributor.advisor	薛智文(Chih-Wen Hsueh)
dc.contributor.author	Yuxuan Lin	en
dc.contributor.author	林鈺烜	zh_TW
dc.date.accessioned	2021-06-16T05:09:53Z	-
dc.date.available	2015-08-22
dc.date.copyright	2014-08-22
dc.date.issued	2014
dc.date.submitted	2014-08-19
dc.identifier.citation	[1] Facebook — a social network. https://www.facebook.com/, 2004. [Online; accessed 2014-07-15]. [2] Login with Facebook. https://developers.facebook.com/products/login/, 2004. [Online; accessed 2014-07-15]. [3] OpenID Authentication 2.0 - Final. http://openid.net/specs/openid-authentication-2_0.html, 2007. [Online; accessed 2014-07-15]. [4] OpenID Foundation. http://openid.net/foundation/, 2007. [Online; accessed 2014-07-15]. [5] Information technology – security techniques – entity authentication assurance framework, 2013. [6] OpenID Connect. http://openid.net/developers/specs/, 2014. [Online; accessed 2014-07-15]. [7] Jonathan Anderson, Claudia Diaz, Joseph Bonneau, and Frank Stajano. Privacy-enabling social networking over untrusted networks. In Proceedings of the 2Nd ACM Workshop on Online Social Networks, WOSN ’09, pages 1–6, New York, NY, USA, 2009. ACM. [8] Angela Bonifati, Hui (Wendy)Wang, and Ruilin Liu. Spac: A distributed, peer-to-peer, secure and privacy-aware social space. In Proceedings of the 19th ACM International Conference on Information and Knowledge Management, CIKM ’10, pages 1953–1954, New York, NY, USA, 2010. ACM. [9] L.J. Camp. Digital identity. Technology and Society Magazine, IEEE, 23(3):34–41, Fall 2004. [10] Xu Cheng and Jiangchuan Liu. Nettube: Exploring social networks for peer-to-peer short video sharing. In INFOCOM 2009, IEEE, pages 1152–1160, April 2009. [11] Ed H. Chi. Information seeking can be social. Computer, 42(3):42–46, March 2009. [12] Federal Financial Institutions Examination Council. Authentication in an internet banking environment. Financial Institution Letter, FIL-103-2005. Washington, DC: Federal Deposit Insurance Corp.(FDIC). Retrieved March, 18:2005, 2005. [13] M.L. Das, A Saxena, and V.P. Gulati. A dynamic id-based remote user authentication scheme. Consumer Electronics, IEEE Transactions on, 50(2):629–631, May 2004. [14] Hoang Giang Do, Wee Keong Ng, and Zhendong Ma. Privacy-preserving social network for an untrusted server. In Cloud and Green Computing (CGC), 2013 Third International Conference on, pages 472–478, Sept 2013. [15] L. Harn. A public-key based dynamic password scheme. In Applied Computing, 1991., [Proceedings of the 1991] Symposium on, pages 430–435, Apr 1991. [16] Tom N. Jagatic, Nathaniel A. Johnson, Markus Jakobsson, and Filippo Menczer. Social phishing. Commun. ACM, 50(10):94–100, October 2007. [17] Jens Janiuk, Alexander Macker, and Kalman Graffi. Secure distributed data structures for peer-to-peer-based social networks. In Collaboration Technologies and Systems (CTS), 2014 International Conference on, pages 396–405, May 2014. [18] C.I Jaramillo, G.G. Richard, S.O. Sperry, andW. Patterson. An implementation of a zero-knowledge protocol for a secure network login procedure. In Southeastcon ’89. Proceedings. Energy and Information Technologies in the Southeast., IEEE, pages 197–201 vol.1, Apr 1989. [19] Moo Nam Ko, G.P. Cheek, M. Shehab, and R. Sandhu. Social-networks connect services. Computer, 43(8):37–43, Aug 2010. [20] P. Leach, M. Mealling, and R. Salz. RFC 4122: A Universally Unique IDentifier (UUID) URN Namespace, 2005. [21] Wanying Luo, Qi Xie, and U. Hengartner. Facecloak: An architecture for user privacy on social networking sites. In Computational Science and Engineering, 2009. CSE ’09. International Conference on, volume 3, pages 26–33, Aug 2009. [22] VictorS. Miller. Use of elliptic curves in cryptography. In HughC. Williams, editor, Advances in Cryptology CRYPTO 85 Proceedings, volume 218 of Lecture Notes in Computer Science, pages 417–426. Springer Berlin Heidelberg, 1986. [23] Xuguang Ren and Xin-Wen Wu. A novel dynamic user authentication scheme. In Communications and Information Technologies (ISCIT), 2012 International Symposiumon, pages 713–717, Oct 2012. [24] Haifeng Yu, P.B. Gibbons, M. Kaminsky, and Feng Xiao. Sybillimit: A nearoptimal social network defense against sybil attacks. In Security and Privacy, 2008. SP 2008. IEEE Symposium on, pages 3–17, May 2008.
dc.identifier.uri	http://tdr.lib.ntu.edu.tw/jspui/handle/123456789/55872	-
dc.description.abstract	近年來社群網站蓬勃發展，Google 和 Facebook 等公司透過搜集分析與操作網際網路上的使用者資料，提供了許多智慧化的服務與資訊。不過，這些本來是私人的資料逐漸被這些公司所把持，其中包括許多個人的隱私。於是，不僅難以確保隱私，也難以在不同公司間的各種網路服務分享與修改個人資料。另一方面，社群網站上存在許多假的甚至惡意的資訊，不僅對使用者造成困擾，也浪費了許多社會成本來處理。因此，本論文提出了自主式的社群網路身分 (Aid)，讓使用者能夠完全掌握自己的資料和隱私。我們將 Aid 從網路服務中獨立出來，讓大部份的資訊儲存在本地，並透過數位簽章的機制進行身分驗證。此外，使用者能夠真正自主的前提是使用者要能先為自己的社會活動負責。因此，我們也提出了一個自主的機制來評估如信用度或真實度等 Aid 的度量，讓使用者可以利用這些度量彼此量化評估。目前我們已經實作出 Aid 的雛型以及給服務使用的應用介面，提供多個學校的實驗室開發相關的自主網路服務。透過『自主量化』的 Aid，相信網路身分能變得更加自主可靠，進而提升社群網路活動的品質。	zh_TW
dc.description.abstract	As the booming of social network recently, companies such as Google and Facebook provide intelligent services and information by collecting, analyzing, and manipulating user data on the Internet. However, these originally private data which contain lots of privacy gradually become dominated by these companies. Thus, not only might the privacy not be ensured but it is also difficult to share and update personal data among services of different companies. On the other hand, much information is fake or even malicious on social network. It not only confuses users but also wastes lots of social cost to handle. Hence, this thesis proposes an autonomous identity (Aid) for social network to provide users with total control of own data and privacy. Aid is designed independent from network services, most of Aid information is stored locally, and it is authenticated by digital signature. Moreover, users need to be responsible for their social activities before they can be really autonomous. Therefore, we also propose an autonomous mechanism to evaluate metrics of Aid, such as credit or reality, so that users can evaluate one another by these metrics quantitatively. We have implemented the prototype of Aid and application programming interfaces for services, offered some laboratories of some universities to develop autonomous network services. By Aid of 'autonomous quantification', we believe network identities become more autonomous and reliable to increase the quality of activities in social network.	en
dc.description.provenance	Made available in DSpace on 2021-06-16T05:09:53Z (GMT). No. of bitstreams: 1 ntu-103-R01922065-1.pdf: 611001 bytes, checksum: f682b33467d275564c29b8562fa41d74 (MD5) Previous issue date: 2014	en
dc.description.tableofcontents	Contents 1 Introduction 1 2 Background 7 2.1 Universally Unique Identifier . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8 2.1.1 Version 1 (MAC Address) . . . . . . . . . . . . . . . . . . . . . . . . . . . 9 2.1.2 Version 4 (Random) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10 2.2 Authentication Methods . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11 2.2.1 Traditional Password Scheme . . . . . . . . . . . . . . . . . . . . . . . . . 11 2.2.2 OpenID Connect . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12 2.3 Digital Signature Scheme . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14 2.3.1 Elliptic Curve Digital Signature Algorithm . . . . . . . . . . . . . . . . . . 15 3 Design of Autonomous Identity 18 3.1 Architecture of Aid . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 19 3.1.1 AidCenter . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 21 3.1.2 AidTool . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 22 3.1.3 DataStorage . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 22 3.1.4 CacheServer . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 23 3.2 Data Structure of Aid . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 23 3.2.1 Actor Profiles . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 24 3.3 Authentication of Aid . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 25 3.4 Credit and Reality . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 26 4 Implementation 27 4.1 Creating Aid . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 29 4.1.1 Key Generation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 30 4.1.2 Sign In Process . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 31 4.2 Updating Aid . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 32 4.2.1 Resetting System Identifier or Password . . . . . . . . . . . . . . . . . . . . 33 4.2.2 Forgetting UUID and Password . . . . . . . . . . . . . . . . . . . . . . . . 33 4.2.3 Destroying Aid . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 34 4.3 Feasibility Discussion . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 34 5 Conclusion 36 Bibliography 37
dc.language.iso	zh-TW
dc.subject	網路身分	zh_TW
dc.subject	身分自主	zh_TW
dc.subject	身份驗證	zh_TW
dc.subject	數位簽章	zh_TW
dc.subject	社群網路	zh_TW
dc.subject	network identity	en
dc.subject	autonomous identity	en
dc.subject	authentication	en
dc.subject	digital signature	en
dc.subject	social network	en
dc.title	自主式社群網路身分的設計與實作	zh_TW
dc.title	The Design and Implementation of Autonomous Identity for Social Network	en
dc.type	Thesis
dc.date.schoolyear	102-2
dc.description.degree	碩士
dc.contributor.oralexamcommittee	徐讚昇,張榮貴,陳敬
dc.subject.keyword	網路身分,身分自主,身份驗證,數位簽章,社群網路,	zh_TW
dc.subject.keyword	network identity,autonomous identity,authentication,digital signature,social network,	en
dc.relation.page	40
dc.rights.note	有償授權
dc.date.accepted	2014-08-19
dc.contributor.author-college	電機資訊學院	zh_TW
dc.contributor.author-dept	資訊工程學研究所	zh_TW
顯示於系所單位：	資訊工程學系

文件中的檔案：

檔案	大小	格式
ntu-103-1.pdf 未授權公開取用	596.68 kB	Adobe PDF

顯示文件簡單紀錄

系統中的文件，除了特別指名其著作權條款之外，均受到著作權保護，並且保留所有的權利。