
Design and Formal Analysis of E-Commerce Security Protocols

Published: 2018-05-01 13:02

  Topic: e-commerce security protocols + Kailar logic. Source: Southwest Jiaotong University, doctoral dissertation, 2013


[Abstract]: With the rapid development of computer networks, e-commerce has gradually become a new model for conducting business. E-commerce security protocols are the foundation for building a secure e-commerce environment and a key technology for ensuring the smooth application and development of e-commerce. An e-commerce security protocol is a cryptography-based message exchange protocol, a series of steps that participants take to accomplish a task; its purpose is to ensure the security of communication and of transmitted data when the network channel is unreliable.
In addition to the authentication, confidentiality and integrity required of traditional security protocols, e-commerce security protocols must also satisfy security properties such as accountability, fairness, timeliness and anonymity. The design and analysis of e-commerce security protocols therefore face many difficulties and challenges, and have become an important topic in the field of information security, with significant theoretical and practical value.
This dissertation focuses on the design of e-commerce security protocols and on formal analysis techniques for them, and has obtained some research results.
The basic concepts, classification and security properties of e-commerce security protocols are surveyed and analyzed. Methods for the security design and formal analysis of e-commerce security protocols are surveyed, and the advantages, disadvantages and open problems of each method are discussed.
Security flaws in the accountability and fairness of a certified e-mail protocol are pointed out. On this basis, a certified e-mail protocol based on an online third party is proposed to satisfy the general security properties of certified e-mail. The protocol is analyzed with extended Kailar logic, which shows that it satisfies non-repudiation and fairness, resists tampering, replay and similar attacks, and prevents the third party from obtaining the mail content.
The weak fairness of the ECS2 protocol is analyzed using a compositional protocol analysis method and PCL logic. It is pointed out that the ZZW protocol has security flaws in that it fails to satisfy confidentiality, accountability and fairness, and an improved scheme is proposed. An analysis approach combining compositional protocol analysis with Kailar logic is proposed for analyzing the accountability and fairness of e-commerce security protocols based on an offline third party. The improved ZZW protocol is analyzed with this approach, proving that it remedies the security weaknesses of the original protocol.
For mobile environments in which network and computing conditions are constrained, a fair mobile payment protocol suited to such environments is designed with effectiveness and payment efficiency in mind. The protocol consists of four sub-protocols: authentication, payment, recovery and settlement. In the authentication protocol, a dynamic ID mechanism based on a hash function provides mutual authentication, limited anonymity and untraceability, and yields an unforgeable, reusable payment certificate. In the payment process, a chameleon hash function and double hash chains are used to achieve anonymity, accountability and fairness of transactions. Finally, Kailar logic is used to formally analyze the accountability and fairness of the protocol. The results show that the protocol satisfies accountability and fairness while maintaining high execution efficiency, and is suitable for mobile environments and similar environments with constrained communication and computing conditions.
Because general belief logics have difficulty analyzing the fairness and timeliness of optimistic fair exchange protocols, the optimistic fair exchange protocol is defined as a state transition system similar to a Kripke structure, and time-constraint conditions and state transition analysis are added to extended Kailar logic. On the basis of analyzing the validity of non-repudiation evidence, the fairness and timeliness of optimistic fair exchange protocols are analyzed by examining how the principals' knowledge and beliefs change. A typical optimistic fair exchange protocol is also analyzed; two security flaws are found in it, and an improved scheme is given.
It is pointed out that a typical multi-party certified e-mail protocol has security weaknesses: it fails to satisfy fairness and accountability, and the behavior of individual dishonest participants can cause the whole protocol run to fail. The protocol is improved on the basis of a signcryption scheme, and the security properties of the improved protocol are analyzed with Kailar logic. The results show that the protocol satisfies confidentiality, non-repudiation and fairness, and resists tampering, replay, collusion and similar attacks.
The research in this dissertation has some theoretical and practical significance for the design of e-commerce security protocols and for formal analysis techniques, and also has some value for improving the security of e-commerce activities.

【Degree-granting institution】: Southwest Jiaotong University
【Degree level】: Doctorate
【Year degree granted】: 2013
【Classification number】: TP309



