English  |  正體中文  |  简体中文  |  Post-Print筆數 : 27 |  Items with full text/Total items : 110938/141862 (78%)
Visitors : 47661409      Online Users : 1002
RC Version 6.0 © Powered By DSPACE, MIT. Enhanced by NTU Library IR team.
Scope Tips:
  • please add "double quotation mark" for query phrases to get precise results
  • please goto advance search for comprehansive author search
    •  Adv. Search
    HomeLoginUploadHelpAboutAdminister Goto mobile version
    政大機構典藏 > 資訊學院 > 資訊科學系 > 學位論文 >  Item 140.119/85506


    Please use this identifier to cite or link to this item: https://nccur.lib.nccu.edu.tw/handle/140.119/85506


    Title: 一個以代理人為基礎具有分散式認證授權服務的安全性電子交易環境
    An Agent-Based Secure E-Commerce Environment with Distributed Authentication and Authorization Services
    Authors: 李英宗
    Lee, Ing-Chung
    Contributors: 胡毓忠
    Hu, Yu-Jong
    李英宗
    Lee, Ing-Chung
    Keywords: 代理人
    agent
    Date: 2001
    Issue Date: 2016-04-18 16:32:06 (UTC+8)
    Abstract: 本研究計畫的主題在於研究代理人的可信度管理,首要的目標是建立一個以代理人為基礎的安全式電子交易環境。以目前的情況來看,唯有代理人的觀念及技術來執行電子商務仲介者的角色,利用軟體代理者具有自主性,及適時反應等特質,提供服務時的效益和彈性,再輔以適當的安全性管理及深入的可信度探討,電子商務才可能被具體應用到人類實際日常生活上。在作法上除了採用FIPA的規格作為代理人系統平台的實作標準,延伸XML/RDF來便利代理人的建構與溝通,更進一步結合X.509及SPKI/SDSI兩種類型憑證的優點,導入分散式認證授權的觀念,並透過RBAC的控管,形成多重代理人系統的安全架構。配合相關的信任策略及商務模型,以期完成建構一個以代理人為基礎可信任安全式電子交易環境的目標。
    This thesis describes an agent-based secure E-Commerce environment with distributed authentication and authorization services. The previous researches about security issues in agent-mediated E-commerce do not solve the problems of deals with strangers. We merge role based access control (RBAC) concept for adapting the certificates to different business models or new content-based network. Several types of agent delegation mechanism based on our role certificates and some considerations about how to achieve agent trust management with policies both in logics and practice are presented. Finally, We will demonstrate a scenario on FIPA OS system by using agent communication language (ACL) and content language (CL) encoded by XML and XML/RDF.
    封面頁
    證明書
    論文摘要
    致謝詞
    目錄
    圖目錄
    表目錄
    1 Introduction
    1.1 Overview
    1.2 Related Work
    1.3 Contribution
    1.4 Organization
    2 Preliminary
    2.1 Overview
    2.2 Terms
    3 Our approach
    3.1 Overview
    3.2 Agent-Based Secure E-Commerce Environment
    3.2.1 Secure E-Commerce Environment without CA
    3.2.2 Agent Platform
    3.3 Access Control System
    3.3.1 Role-based Access Control
    3.3.2 Role Certificate Authentication
    3.4 Authorization Policy and Delegation Logics
    3.4.1 Symbol Representation
    3.4.2 Certificate Deduction
    3.4.3 Certificate Delegation Network
    3.5 Agent Communication Language
    3.5.1 Certificate Management Operations
    3.5.2 Certificate Encoding in XML/RDF
    4 Implementation
    4.1 Implementation Environment
    4.1.1 Java
    4.1.2 FIPA Request Interaction Protocol
    4.2 System implementation
    4.2.1 system overview
    4.2.2 agent implementation
    4.3 Scenario
    4.3.1 Implementation of Provider Agent
    4.3.2 Implementation of Demander Agent
    4.3.3 Implementation of Matcher Agent
    5 Conclusions
    References
    Reference: [1] Abadi, M., Burrows, M., and Lampson, B. (1993). A Calculus for Access Control in Distributed Systems. ACM Transactions on Programming Languages and Systems, 15(4), 706-734.
    [2] Aura, T. (1998). On the Structure of Delegation Network. Proceedings of the 11th IEEE Computer Security Foundations Workshop, IEEE Computer Society Press, 14-26.
    [3] Aura, T. (1999). Distributed Access-Rights Management with Delegation Certificates. Secure Internet Programming: Security Issues for Mobile and Distributed Objects LNCS 1603, Springer-Verlag, 213-238.
    [4] Blaze, M., Feigenbaum, J., and Lacy, J. (1996). Decentralized Trust Management. Proceedings of the 17th Symposium on Security and Privacy, 164-173.
    [5] Camp, L.J. (2000). Trust and Risk in Internet Commerce, MIT Press.
    [6] Chu, Y.H., Feigenbaum, J., LaMacchia, B., Resnick, P., and Strauss, M. (1997). REFEREE: Trust Management for Web Applications. World Wide Web Journal, 2, 127-139.
    [7] Ellison, M. Carl, et al. (1999). SPKI Certificate Theory, RFC 2693, Internet Society. See ftp://ftp.isi.edu/in-notes/rfc2693.txt
    [8] Extensible Markup Language (XML). See http://www.w3.org/XML/
    [9] FIPA Specification Repository. See http://www.fipa.org/repository/index.html
    [10] Gerck, E. (1998). Overview of Certification systems. See http://www.mcg.org.br
    [11] He, Q., Sycara, K., and Finin, T.W. (1998). Personal Security Agent: KQML-Based PKI, ACM Conference on Autonomous Agents.
    [12] Herzbery, A., Mass, Y., Mihaeli, J., Naor, D., and Ravid, Y. (2000). Access Control Meets Public Key Infrastructure, Or: Assigning Roles to Strangers, 2000 IEEE Symposium on Security and Privacy, 2-14.
    [13] Hu, Y.J. (2001). Some Thoughts on Agent Trust and Delegation. Proceedings of The 5th International Conference on Autonomous Agents 2001.
    [14] JDOM. See http://www.jdom.org/
    [15] Jennings, R.N., Sycara, K., and Wooldridge M. (1998). A Roadmap of Agent Research and Development. Journal of Autonomous Agents and Multi-Agent Systems, 1(1), 7-38.
    [16] Kimbrough, O.S. and Moore, A.S. (1997). On Automated Message Processing in Electronic Commerce and Work Support Systems: Speech Act Theory and Expressive Felicity, ACM Transactions on Information Systems, 15(4), 321-367.
    [17] NIST Role Based Access Control. See http://hissa.nist.gov/rbac/
    [18] Nortel Networks FIPA-OS. See http://sourceforge.net/projects/fipa-os/
    [19] Nwana, S.H., et al. (1998). Agent-Mediated Electronic Commerce: Issues, Challenges and some Viewpoints. Proceedings of the 2nd International Conference on Autonomous Agent 98, 189-196.
    [20] Resource Description Framework (RDF). See http://www.w3.org/RDF/
    [21] Rivest, R., and Lampson, B., SDSI: A Simple Distributed Security Infrastructure (SDSI). See http://theory.lcs.mit.edu/~cis/sdsi.html
    [22] Special Interest Group on Agent-Mediated Electronic Commerce. See http://www.iiia.csic.es/AMEC/
    [23] Wong, H. C., and Sycara, K. (1999). Adding Security and Trust to Multi-Agent Systems. Proceedings of Autonomous Agents ’99 (Workshop on Deception, Fraud and Trust in Agent Societies). 149-161.
    [24] XML-Signature WG. See http://www.w3.org/Signature/
    Description: 碩士
    國立政治大學
    資訊科學學系
    Source URI: http://thesis.lib.nccu.edu.tw/record/#A2002001572
    Data Type: thesis
    Appears in Collections:[資訊科學系] 學位論文

    Files in This Item:

    File SizeFormat
    index.html1KbHTML2399View/Open


    All items in 政大典藏 are protected by copyright, with all rights reserved.


    社群 sharing

    著作權政策宣告 Copyright Announcement
    1.本網站之數位內容為國立政治大學所收錄之機構典藏,無償提供學術研究與公眾教育等公益性使用,惟仍請適度,合理使用本網站之內容,以尊重著作權人之權益。商業上之利用,則請先取得著作權人之授權。
    The digital content of this website is part of National Chengchi University Institutional Repository. It provides free access to academic research and public education for non-commercial use. Please utilize it in a proper and reasonable manner and respect the rights of copyright owners. For commercial use, please obtain authorization from the copyright owner in advance.

    2.本網站之製作,已盡力防止侵害著作權人之權益,如仍發現本網站之數位內容有侵害著作權人權益情事者,請權利人通知本網站維護人員(nccur@nccu.edu.tw),維護人員將立即採取移除該數位著作等補救措施。
    NCCU Institutional Repository is made to protect the interests of copyright owners. If you believe that any material on the website infringes copyright, please contact our staff(nccur@nccu.edu.tw). We will remove the work from the repository and investigate your claim.
    DSpace Software Copyright © 2002-2004  MIT &  Hewlett-Packard  /   Enhanced by   NTU Library IR team Copyright ©   - Feedback