New challenges are introduced when people try to build a general-purpose mobile agent middleware in Grid envi- ronment. In this paper, an instance-oriented security mechanism is proposed to deal with possible security...New challenges are introduced when people try to build a general-purpose mobile agent middleware in Grid envi- ronment. In this paper, an instance-oriented security mechanism is proposed to deal with possible security threats in such mobile agent systems. The current security support in Grid Security Infrastructure (GSI) requires the users to delegate their privileges to certain hosts. This host-oriented solution is insecure and inflexible towards mobile agent applications because it cannot prevent delegation abuse and control well the diffusion of damage. Our proposed solution introduces security instance, which is an en- capsulation of one set of authorizations and their validity specifications with respect to the agent’s specific code segments, or even the states and requests. Applications can establish and configure their security framework flexibly on the same platform, through defining instances and operations according to their own logic. Mechanisms are provided to allow users delegating their identity to these instances instead of certain hosts. By adopting this instance-oriented security mechanism, a Grid-based general-purpose MA middleware, Everest, is developed to enhance Globus Toolkit’s security support for mobile agent applications.展开更多
Proxy signature has drawn great concerns. However, there still remains a challenge to construct a provably secure and efficient proxy signature scheme. In this paper, we propose an efficient proxy signature scheme bas...Proxy signature has drawn great concerns. However, there still remains a challenge to construct a provably secure and efficient proxy signature scheme. In this paper, we propose an efficient proxy signature scheme based on factoring, and prove that it is secure in the random oracle. Furthermore, we present a new type of proxy signature, called Proxy Signature with Untrustworthy Proxy Signer, and construct a concrete scheme.展开更多
基金Project (No. 602032) supported by the Natural Science Foundationof Zhejiang Province, China
文摘New challenges are introduced when people try to build a general-purpose mobile agent middleware in Grid envi- ronment. In this paper, an instance-oriented security mechanism is proposed to deal with possible security threats in such mobile agent systems. The current security support in Grid Security Infrastructure (GSI) requires the users to delegate their privileges to certain hosts. This host-oriented solution is insecure and inflexible towards mobile agent applications because it cannot prevent delegation abuse and control well the diffusion of damage. Our proposed solution introduces security instance, which is an en- capsulation of one set of authorizations and their validity specifications with respect to the agent’s specific code segments, or even the states and requests. Applications can establish and configure their security framework flexibly on the same platform, through defining instances and operations according to their own logic. Mechanisms are provided to allow users delegating their identity to these instances instead of certain hosts. By adopting this instance-oriented security mechanism, a Grid-based general-purpose MA middleware, Everest, is developed to enhance Globus Toolkit’s security support for mobile agent applications.
基金the National Basic Research Program(973) of China (No. 2007CB31074)the National Natural Science Foundation of China (No. 90718001)
文摘Proxy signature has drawn great concerns. However, there still remains a challenge to construct a provably secure and efficient proxy signature scheme. In this paper, we propose an efficient proxy signature scheme based on factoring, and prove that it is secure in the random oracle. Furthermore, we present a new type of proxy signature, called Proxy Signature with Untrustworthy Proxy Signer, and construct a concrete scheme.
