基于移动代理的电子交易安全方案

doi:10.13190/jbupt.200604.81.hull

北京邮电大学学报 ›› 2006, Vol. 29 ›› Issue (4): 81-85.doi: 10.13190/jbupt.200604.81.hull

基于移动代理的电子交易安全方案

胡兰兰，杨义先

北京邮电大学信息工程学院，北京 100876

收稿日期:2005-07-13 修回日期:1900-01-01 出版日期:2006-08-30 发布日期:2006-08-30
通讯作者: 胡兰兰

Mobile Agent-Based Security Scheme of Electronic Transactions

HU Lan-lan，YANG Yi-xian

School of Information Engineering, Beijing University of Posts and Telecommunications, Beijing 100876, China

Received:2005-07-13 Revised:1900-01-01 Online:2006-08-30 Published:2006-08-30
Contact: HU Lan-lan

摘要/Abstract

摘要：

总结了基于移动代理的电子交易安全需求，在未指定代理者的强代理签名方案的基础上，提出了一种新的安全电子交易方案。新方案增加了客户隐私保护功能，能够有效地解决代理在多个备选商家的主机之间移动时的安全问题，保证了客户和商家双方身份的不可伪造性和交易信息的不可拆分性，可抗重放攻击，实现了各商家之间身份和交易信息的保密。分析表明，新方案满足所有电子交易安全需求，更具实用性。

关键词: 移动代理, 电子交易, 强代理签名

Abstract:

The security requirement for mobile agent-based electronic commerce transactions is summarized. An improved scheme based upon the strong non-designated proxy signature scheme is proposed. The new scheme adds new feature for customer privacy protection and effectively addresses security requirements when mobile agent moves between multiple optional hosts; it also can ensure the unforgeability of customer and shop’s identity, prevent reply attack, moreover, it will secret one shop’s identity and transaction information against others. The security analysis of the proposed scheme show that it meet all security requirements summarized in section one.

Key words: mobile agent, electronic transactions, strong proxy signature

中图分类号:

TN918

胡兰兰，杨义先. 基于移动代理的电子交易安全方案[J]. 北京邮电大学学报, 2006, 29(4): 81-85.

HU Lan-lan，YANG Yi-xian. Mobile Agent-Based Security Scheme of Electronic Transactions[J]. JOURNAL OF BEIJING UNIVERSITY OF POSTS AND TELECOM, 2006, 29(4): 81-85.

参考文献

[1] 李旭晖, 吕慧, 向剑文, 等. 移动代理系统的安全问题[J]. 计算机应用, 2001, 21(7): 5-8. Li Xuhui, Lü Hui, Xiang Jianwen, et al. Security problem of mobile agent systems[J]. Computer Applications, 2001, 21(7): 5-8.
[2] 谷利泽, 李中献, 杨义先. 不需要可信任方的匿名代理签名方案[J]. 北京邮电大学学报, 2005, 28(1): 48-50. Gu Lize, Li Zhongxian, Yang Yixian. A anonymous proxy signature scheme without a trusted party[J]. Journal of Beijing University of Posts and Telecommunications, 2005, 28(1): 48-50.
[3] Hohl F. Time limited blackbox security: protecting mobile agents against malicious hosts //Lecture Notes in Computer Science. Berlin: Springer-Verlag, 1998: 92-113.
[4] Schelderup K, Lones J. Mobile agent security issues and directions// IS&N'99. Hamburg: Spring-Verlag, 1999: 157-167.
[5] 刘创, 邹华, 杨放春. 本地化代理——一种移动代理安全问题的解决方案. 北京邮电大学学报, 2000, 23(3): 59-63. Liu Chuang, Zou Hua, Yang Fangchun. Native agent——a solution to mobile agent security[J]. Journal of Beijing University of Posts and Telecommunications, 2000, 23(3): 59-63.
[6] Lee B, Kim H, Kim K. Secure mobile agent using strong non-designated proxy signature //Lecture Notes in Computer Science. Berlin: Springer-Verlag, 2001: 474-486.
[7] 史扬, 王小平, 曹立明. 保护移动agent的电子交易安全方案[J]. 同济大学学报, 2004, 32(8): 1080-1082. Shi Yang, Wang Xiaoping, Cao Liming. Security scheme of electronic transactions for mobile agents[J]. Journal of Tongji University, 2004, 32(8): 1080-1082.
[8] Wang Changjie, Ho-fung L. Mobile agents for secure electronic commerce transactions with privacy protection of the customers// The 2005 IEEE International Conference on EEE05. : IEEE, 2005: 530-535.
[9] Schneier B. Applied cryptography [M] . 2nd ed. New York: John Wiley & Sons, 1996.
[10] Kotzanikolaous P, Burmester M, Chrissikopoulos V. Secure transactions with mobile agents in hostile environments//Lecture Notes in Computer Science. Berlin: Springer-Verlag, 2000: 289-297.

基于移动代理的电子交易安全方案

Mobile Agent-Based Security Scheme of Electronic Transactions

PDF

可视化

摘要/Abstract

引用本文

使用本文

参考文献

相关文章 6

编辑推荐

Metrics

本文评价

[1]	梁茹冰, 刘琼. 移动环境中语义缓存一致性维护的Agent方法[J]. 北京邮电大学学报, 2014, 37(3): 67-72.
[2]	柳兴, 袁超伟, 杨震, 胡仲伟. 移动云计算中基于移动代理的用户切换与接入控制[J]. 北京邮电大学学报, 2014, 37(2): 88-92.
[3]	胡国政,韩兰胜,王展青. 无证书强代理签名方案的密码学分析及改进[J]. 北京邮电大学学报, 2011, 34(5): 115-118.
[4]	杜红珍1, 2, 温巧燕1, 李文敏1, 金正平1. 高效的无证书强代理签名方案[J]. 北京邮电大学学报, 2008, 31(6): 18-21.
[5]	曲昭伟1,郑岩2,吕廷杰3. 移动IPv6中的服务质量管理架构研究[J]. 北京邮电大学学报, 2006, 29(s1): 135-139.
[6]	刘创, 邹华, 杨放春. 本地化代理——一种移动代理安全问题的解决方案[J]. 北京邮电大学学报, 2000, 23(3): 59-63.