Today companies and organizations are using the Web as the main informationdissemination means both at internal and external level. Information dissemination often takes theform of XML documents that are made availabl...Today companies and organizations are using the Web as the main informationdissemination means both at internal and external level. Information dissemination often takes theform of XML documents that are made available at Web servers, or that are actively broadcasted byWeb servers to interested clients. These documents often contain information at different degrees ofsensitivity, therefore a strong XML security platform and mechanism is needed. In this paper wedeveloped CIT/XML security platform and take a close look to syntax and processing of CIT/digitalsignature model, CIT/encryption model, CIT/smart card crypto and SPKI interface security models.Security services such as authentication, integrity and confidentiality to XML documents and non-XMLdocuments, which exchanged among various servers, are provided.展开更多
The invocation of World Wide Web (www) first triggered mass adoption of the Internet for public access to digital information exchanges across the globe. To get a big market on the Web, a special security infrastructu...The invocation of World Wide Web (www) first triggered mass adoption of the Internet for public access to digital information exchanges across the globe. To get a big market on the Web, a special security infrastructure would need to be put into place transforming the wild-and-woolly Internet into a network with end-to-end protections. XML (extensible Markup Language) is widely accepted as powerful data representation standard for electronic documents, so a security mechanism for XML documents must be provided in the first place to secure electronic commerce over Internet. In this paper the authors design and implement a secure framework that provides XML signature function, XML Element-wise Encryption function, smart card based crypto API library and Public Key Infrastructure (PKI) security functions to achieve confidentiality, integrity, message authentication, and/or signer authentication services for XML documents and existing non-XML documents that are exchanged by Internet for E-commerce application.展开更多
Aiming at the requirement of anonymous supervision of digital certificates in blockchain public key infrastructure(PKI),this paper proposes a ring signature with multiple indirect verifications(RS-MIV).This mechanism ...Aiming at the requirement of anonymous supervision of digital certificates in blockchain public key infrastructure(PKI),this paper proposes a ring signature with multiple indirect verifications(RS-MIV).This mechanism can ensure multiple and indirect verification of certificate signer identity while preserving its anonymity.On this basis,a supervisable anonymous management scheme was designed based on smart contracts,which realizes the anonymity of certificate authority nodes,the anonymous issuance of digital certificates,the anonymous verification of digital certificates,and the traceability of illegal certificate issuers in the blockchain PKI.It is proved that the scheme can guarantee the anonymity and traceability of the certificate issuer’s identity at an acceptable cost.展开更多
文摘Today companies and organizations are using the Web as the main informationdissemination means both at internal and external level. Information dissemination often takes theform of XML documents that are made available at Web servers, or that are actively broadcasted byWeb servers to interested clients. These documents often contain information at different degrees ofsensitivity, therefore a strong XML security platform and mechanism is needed. In this paper wedeveloped CIT/XML security platform and take a close look to syntax and processing of CIT/digitalsignature model, CIT/encryption model, CIT/smart card crypto and SPKI interface security models.Security services such as authentication, integrity and confidentiality to XML documents and non-XMLdocuments, which exchanged among various servers, are provided.
文摘The invocation of World Wide Web (www) first triggered mass adoption of the Internet for public access to digital information exchanges across the globe. To get a big market on the Web, a special security infrastructure would need to be put into place transforming the wild-and-woolly Internet into a network with end-to-end protections. XML (extensible Markup Language) is widely accepted as powerful data representation standard for electronic documents, so a security mechanism for XML documents must be provided in the first place to secure electronic commerce over Internet. In this paper the authors design and implement a secure framework that provides XML signature function, XML Element-wise Encryption function, smart card based crypto API library and Public Key Infrastructure (PKI) security functions to achieve confidentiality, integrity, message authentication, and/or signer authentication services for XML documents and existing non-XML documents that are exchanged by Internet for E-commerce application.
基金This work was supported in part by the National Key Research and Development Program of China under Grant 2018YFB0803603 and Grant 2016YFB0501901in part by the National Natural Science Foundation of China under Grant 61502531,Grant 61702550,and Grant 61802436.
文摘Aiming at the requirement of anonymous supervision of digital certificates in blockchain public key infrastructure(PKI),this paper proposes a ring signature with multiple indirect verifications(RS-MIV).This mechanism can ensure multiple and indirect verification of certificate signer identity while preserving its anonymity.On this basis,a supervisable anonymous management scheme was designed based on smart contracts,which realizes the anonymity of certificate authority nodes,the anonymous issuance of digital certificates,the anonymous verification of digital certificates,and the traceability of illegal certificate issuers in the blockchain PKI.It is proved that the scheme can guarantee the anonymity and traceability of the certificate issuer’s identity at an acceptable cost.