建立一個以服務多代理者系統為主的公鑰匙架構

學術產出-Theses

Article View/Open

pdf(805)pdf(727)pdf(844)pdf(706)pdf(948)pdf(1143)pdf(1265)pdf(1342)pdf(990)pdf(872)pdf(1038)pdf(654)pdf(740)

Publication Export

Google Scholar^TM

政大圖書館

學術資源探索系統

Citation Infomation

No doi shows Citation Infomation

Simple Record
Full Record

題名	建立一個以服務多代理者系統為主的公鑰匙架構 Building a Public Key Infrastructure for Multi-Agent Systems
作者	唐朝緯 Chao-Wei Tang
貢獻者	胡毓忠 Yuh-Jong Hu 唐朝緯 Chao-Wei Tang
關鍵詞	Public Key Infrastructure Multi-Agent Systems Security Authentication Authorization
日期	2003
上傳時間	17-Sep-2009 13:53:13 (UTC+8)
摘要	代理者（Agent）是一個自主性的軟體程式，可以幫助代表人類在網際網路上從事各種的電子化服務（E-Service）。由於目前多代理者系統缺少了安全管理的機制，以致於目前為止代理者代表人類在網上從事活動的行為還不被大家接受。因此，我們提出了一套以代理者為導向的公鑰匙架構（Agent-Oriented Public Key Infrastructure, APKI），各式各樣的數位憑證被產生、儲存、註銷及驗證，以滿足不同存取控制的需求。例如，代理者的認證是以代理者身份憑證為基礎，而授權的部分則以授權憑證或屬性憑證來做驗證。透過這些數位憑證，我們可以在虛擬網路上的代理者之間建立一條信任路徑，一個安全的電子化服務的實際應用範例將會以此架構實作及呈現出來，以驗證我們所提架構的可行性。 Agent is autonomous software that mediates e-service for human on the Internet. The acceptance of agent-mediated e-service (AMES) is very slow for the lacking of security management infrastructure for multi-agent system. Therefore we proposed an agent-oriented public key infrastructure (APKI) for multi-agent e-service. In this APKI, a taxonomy of digital certificates are generated, stored, verified, and revoked to satisfy different access and delegation control purposes. Agent identity certificate was designed for agent’s authentication whereas attributed and agent authorization certificates were proposed for agent’s authorization and delegation. Using these digital certificates, we establish agent trust relationships on the cyberspace. A trusted agent-mediated e-service scenario will be shown to demonstrate the feasibility of our APKI.
參考文獻	參考文獻 [1] Adams, C., Burmester, M. et. Al., 2000, Which PKI(Public Key Infrastructure) is the right one?, CCS’00 Conference, Athens,Greece. [2] Ellison, Carl M., 2000, Naming and Certificates. Computers, Freedom and Privacy, 2000. [3] Ellison, M. Carl et al.. Simple Public Key Certificate (SPKI). http://clark.net/pub/cme/spki.txt [4] FIPA OS. http://fipa-os.sourceforge.net/. [5] FIPA Standards. http://www.fipa.org. [6] Foner, N. Leonard. 1996. A Security Architecture fo Multi-Agent Matchmaking, Proceeding of the Second International Conference on Multi-Agent System. [7] Finin, Tim, James Mayfield, Chelliah Thirunavukkarasu. 1995. Secret Agents – A security Architecture for the KAML Agent Communication Language. CIKM’95 Intelligent Information Agents Workshop. Baltimore, December 1995. [8] He, Qi, Katia P. Sycara, and Timothy W. Finin. 1998. Personal Security Agent: KQML-Based PKI. Proceedings of the Second International Conference on Autonomous Agents. [9] Hu, Yuh-Jong. 2003. Trusted Agent-Mediated E-Commerce Transaction Services via Digital Certificate Management, Electronic Commerce Research, Vol. 3, Issues 3-4, July-October.2003. [10] Hu, Yuh-Jong. 2001. Some Thoughts on Agent Trust and Delegation. The Fifth International Conference on Autonomous Agents. May 28 – June 1, 2001. Montreal, Canada. [11] Jennings, N., Sycara, K. and Wooldridge, M., 1998, A Roadmap of Agent Research and Development, Journal of Autonomous Agents and Multi-Agent Systems. [12] Klusch, M. and Sycara, K., Brokering and Matchmaking for Coordination of Agent Societies: A Survey. Coordination of Internet Agents. Springer, 2001. [13] Lamsal, Pradip., 2001, Understanding Trust and Security. citeseer.nj.nec.com/lamsal01understanding.html, 2001 [14] Lloyd, S., PKI Forum, 2002, White paper: Understanding Certification Path Construction. PKI Forum’s Technical Group(TWG), 2002. [15] Maurer, Ueli., 1996, Modeling a Public-Key Infrastructure. European Symposium on Research in Computer Security(ESORICS’96). [16] Perlman, R., Sun Microsystems, 1999, An Overview of PKI Trust Models. IEEE Network November/December 1999. [17] PKCS (Public Key Crypto System), RSA Laboratories. http://www.rsa.com/rsalabs/pubs/PKCS/ [18] PKI white paper, http://www.pkiforum.com [19] Polk, W. Timothy et al.. 1996. Public Key Infrastructure: From Theory to Implementation. http://csrc.ncsl.nist.gov/pki/panel/overview.html. NIST. [20] Public-Key Infrastructure (X.509) (pkix), http://www.ietf.org/html.charters/pkix-charter.html [21] Rivest, R. and Bulter Lampson. SDSI – A Simple Distributed Security Infrastructure. http://theory.lcs.mit.edu/cis/sdsi.html [22] Smith, Sean and Marchesini, John. 2002. Virtual Hierarchies-An Architecture for Building and Maintaining Efficient and Resilient Trust Chains. www.dartmouth.edu/~pkilab/slides/NORDSEC6Nov02.pdf , Nov. 2002. [23] UDDI White paper, http://www.uddi.org/whitepapers.html [24] Wong, H. Chi and Katia Sycara. 1999. Adding Security and Trust to Multi-Agent Systems. Proceedings of Autonomous Agents ’99 ( Workshop on Deception, Fraud and Trust in Agent Societies), May 1999, Seattle, Washington. [25] Zimmermann, R. Philip. 1995.The Official PGP User’s Guide , MIT press
描述	碩士國立政治大學資訊科學學系 90753017 92
資料來源	http://thesis.lib.nccu.edu.tw/record/#G0090753017
資料類型	thesis

dc.contributor.advisor	胡毓忠	zh_TW
dc.contributor.advisor	Yuh-Jong Hu	en_US
dc.contributor.author (Authors)	唐朝緯	zh_TW
dc.contributor.author (Authors)	Chao-Wei Tang	en_US
dc.creator (作者)	唐朝緯	zh_TW
dc.creator (作者)	Chao-Wei Tang	en_US
dc.date (日期)	2003	en_US
dc.date.accessioned	17-Sep-2009 13:53:13 (UTC+8)	-
dc.date.available	17-Sep-2009 13:53:13 (UTC+8)	-
dc.date.issued (上傳時間)	17-Sep-2009 13:53:13 (UTC+8)	-
dc.identifier (Other Identifiers)	G0090753017	en_US
dc.identifier.uri (URI)	https://nccur.lib.nccu.edu.tw/handle/140.119/32627	-
dc.description (描述)	碩士	zh_TW
dc.description (描述)	國立政治大學	zh_TW
dc.description (描述)	資訊科學學系	zh_TW
dc.description (描述)	90753017	zh_TW
dc.description (描述)	92	zh_TW
dc.description.abstract (摘要)	代理者（Agent）是一個自主性的軟體程式，可以幫助代表人類在網際網路上從事各種的電子化服務（E-Service）。由於目前多代理者系統缺少了安全管理的機制，以致於目前為止代理者代表人類在網上從事活動的行為還不被大家接受。因此，我們提出了一套以代理者為導向的公鑰匙架構（Agent-Oriented Public Key Infrastructure, APKI），各式各樣的數位憑證被產生、儲存、註銷及驗證，以滿足不同存取控制的需求。例如，代理者的認證是以代理者身份憑證為基礎，而授權的部分則以授權憑證或屬性憑證來做驗證。透過這些數位憑證，我們可以在虛擬網路上的代理者之間建立一條信任路徑，一個安全的電子化服務的實際應用範例將會以此架構實作及呈現出來，以驗證我們所提架構的可行性。	zh_TW
dc.description.abstract (摘要)	Agent is autonomous software that mediates e-service for human on the Internet. The acceptance of agent-mediated e-service (AMES) is very slow for the lacking of security management infrastructure for multi-agent system. Therefore we proposed an agent-oriented public key infrastructure (APKI) for multi-agent e-service. In this APKI, a taxonomy of digital certificates are generated, stored, verified, and revoked to satisfy different access and delegation control purposes. Agent identity certificate was designed for agent’s authentication whereas attributed and agent authorization certificates were proposed for agent’s authorization and delegation. Using these digital certificates, we establish agent trust relationships on the cyberspace. A trusted agent-mediated e-service scenario will be shown to demonstrate the feasibility of our APKI.	en_US
dc.description.tableofcontents	目錄第一章導論 1 1.1 研究背景 1 1.2 研究方向 3 1.3 完成的項目 4 1.4 各章節闡述 4 第二章相關研究 5 2.1 原始人類公開金鑰架構 5 2.2 代理者安全 8 2.3 APKI的開發動機 9 第三章 APKI系統架構 11 3.1 代理者憑證機構 11 3.2 APKI拓樸架構 13 3.3 APKI設計目標及方向 19 第四章憑證管理機制 20 4.1 代理者身份憑證申請 21 4.1.1 尋找上層代理者CA 21 4.1.2 申請代理者身份憑證 22 4.2 代理者身份憑證簽發 24 4.3 代理者身份憑證儲存 25 4.4 代理者身份憑證撤銷 26 4.5 代理者身份憑證驗證 27 4.6 人類屬性憑證 28 4.7 人類/代理者授權憑證 29 第五章信任路徑的建立與信任程度的計算 31 5.1 建立信任路徑 31 5.1.1 尋找信任路徑 31 5.1.2 驗證信任路徑 35 5.2 計算信任程度 36 5.2.1 信任路徑的不足 36 5.2.2 權重的設計 37 5.2.3 權重的給予 37 5.2.4 權重計算演算法 37 5.2.5 多信任路徑的計算 41 第六章以代理者為中介的電子化服務 44 6.1 安全的服務溝通協定 44 6.2 以代理者為中介的電子化服務場景 46 第七章 APKI與MAS 間的整合實作 49 7.1 APKI與MAS的整合 49 7.1.1 FIPA-OS架構 49 7.1.2 系統整合 51 7.1.3 搜尋服務 53 7.2 系統實作 54 7.2.1 實驗室環境設定 54 7.2.2 憑證申請 55 7.2.3 憑證簽發 56 7.2.4 信任路徑搜尋 57 7.2.5 效能分析 58 7.3 未來目標 68 第八章結論 69 參考文獻 71	zh_TW
dc.format.extent	51133 bytes	-
dc.format.extent	59677 bytes	-
dc.format.extent	65053 bytes	-
dc.format.extent	98145 bytes	-
dc.format.extent	104599 bytes	-
dc.format.extent	124852 bytes	-
dc.format.extent	255023 bytes	-
dc.format.extent	211123 bytes	-
dc.format.extent	473003 bytes	-
dc.format.extent	163059 bytes	-
dc.format.extent	505524 bytes	-
dc.format.extent	102901 bytes	-
dc.format.extent	46969 bytes	-
dc.format.mimetype	application/pdf	-
dc.format.mimetype	application/pdf	-
dc.format.mimetype	application/pdf	-
dc.format.mimetype	application/pdf	-
dc.format.mimetype	application/pdf	-
dc.format.mimetype	application/pdf	-
dc.format.mimetype	application/pdf	-
dc.format.mimetype	application/pdf	-
dc.format.mimetype	application/pdf	-
dc.format.mimetype	application/pdf	-
dc.format.mimetype	application/pdf	-
dc.format.mimetype	application/pdf	-
dc.format.mimetype	application/pdf	-
dc.language.iso	en_US	-
dc.source.uri (資料來源)	http://thesis.lib.nccu.edu.tw/record/#G0090753017	en_US
dc.subject (關鍵詞)	Public Key Infrastructure	en_US
dc.subject (關鍵詞)	Multi-Agent Systems	en_US
dc.subject (關鍵詞)	Security	en_US
dc.subject (關鍵詞)	Authentication	en_US
dc.subject (關鍵詞)	Authorization	en_US
dc.title (題名)	建立一個以服務多代理者系統為主的公鑰匙架構	zh_TW
dc.title (題名)	Building a Public Key Infrastructure for Multi-Agent Systems	en_US
dc.type (資料類型)	thesis	en
dc.relation.reference (參考文獻)	參考文獻	zh_TW
dc.relation.reference (參考文獻)	[1] Adams, C., Burmester, M. et. Al., 2000, Which PKI(Public Key Infrastructure) is the right one?, CCS’00 Conference, Athens,Greece.	zh_TW
dc.relation.reference (參考文獻)	[2] Ellison, Carl M., 2000, Naming and Certificates. Computers, Freedom and Privacy, 2000.	zh_TW
dc.relation.reference (參考文獻)	[3] Ellison, M. Carl et al.. Simple Public Key Certificate (SPKI). http://clark.net/pub/cme/spki.txt	zh_TW
dc.relation.reference (參考文獻)	[4] FIPA OS. http://fipa-os.sourceforge.net/.	zh_TW
dc.relation.reference (參考文獻)	[5] FIPA Standards. http://www.fipa.org.	zh_TW
dc.relation.reference (參考文獻)	[6] Foner, N. Leonard. 1996. A Security Architecture fo Multi-Agent Matchmaking, Proceeding of the Second International Conference on Multi-Agent System.	zh_TW
dc.relation.reference (參考文獻)	[7] Finin, Tim, James Mayfield, Chelliah Thirunavukkarasu. 1995. Secret Agents – A security Architecture for the KAML Agent Communication Language. CIKM’95 Intelligent Information Agents Workshop. Baltimore, December 1995.	zh_TW
dc.relation.reference (參考文獻)	[8] He, Qi, Katia P. Sycara, and Timothy W. Finin. 1998. Personal Security Agent: KQML-Based PKI. Proceedings of the Second International Conference on Autonomous Agents.	zh_TW
dc.relation.reference (參考文獻)	[9] Hu, Yuh-Jong. 2003. Trusted Agent-Mediated E-Commerce Transaction Services via Digital Certificate Management, Electronic Commerce Research, Vol. 3, Issues 3-4, July-October.2003.	zh_TW
dc.relation.reference (參考文獻)	[10] Hu, Yuh-Jong. 2001. Some Thoughts on Agent Trust and Delegation. The Fifth International Conference on Autonomous Agents. May 28 – June 1, 2001. Montreal, Canada.	zh_TW
dc.relation.reference (參考文獻)	[11] Jennings, N., Sycara, K. and Wooldridge, M., 1998, A Roadmap of Agent Research and Development, Journal of Autonomous Agents and Multi-Agent Systems.	zh_TW
dc.relation.reference (參考文獻)	[12] Klusch, M. and Sycara, K., Brokering and Matchmaking for Coordination of Agent Societies: A Survey. Coordination of Internet Agents. Springer, 2001.	zh_TW
dc.relation.reference (參考文獻)	[13] Lamsal, Pradip., 2001, Understanding Trust and Security. citeseer.nj.nec.com/lamsal01understanding.html, 2001	zh_TW
dc.relation.reference (參考文獻)	[14] Lloyd, S., PKI Forum, 2002, White paper: Understanding Certification Path Construction. PKI Forum’s Technical Group(TWG), 2002.	zh_TW
dc.relation.reference (參考文獻)	[15] Maurer, Ueli., 1996, Modeling a Public-Key Infrastructure. European Symposium on Research in Computer Security(ESORICS’96).	zh_TW
dc.relation.reference (參考文獻)	[16] Perlman, R., Sun Microsystems, 1999, An Overview of PKI Trust Models. IEEE Network November/December 1999.	zh_TW
dc.relation.reference (參考文獻)	[17] PKCS (Public Key Crypto System), RSA Laboratories. http://www.rsa.com/rsalabs/pubs/PKCS/	zh_TW
dc.relation.reference (參考文獻)	[18] PKI white paper, http://www.pkiforum.com	zh_TW
dc.relation.reference (參考文獻)	[19] Polk, W. Timothy et al.. 1996. Public Key Infrastructure: From Theory to Implementation. http://csrc.ncsl.nist.gov/pki/panel/overview.html. NIST.	zh_TW
dc.relation.reference (參考文獻)	[20] Public-Key Infrastructure (X.509) (pkix), http://www.ietf.org/html.charters/pkix-charter.html	zh_TW
dc.relation.reference (參考文獻)	[21] Rivest, R. and Bulter Lampson. SDSI – A Simple Distributed Security Infrastructure. http://theory.lcs.mit.edu/cis/sdsi.html	zh_TW
dc.relation.reference (參考文獻)	[22] Smith, Sean and Marchesini, John. 2002. Virtual Hierarchies-An Architecture for Building and Maintaining Efficient and Resilient Trust Chains. www.dartmouth.edu/~pkilab/slides/NORDSEC6Nov02.pdf , Nov. 2002.	zh_TW
dc.relation.reference (參考文獻)	[23] UDDI White paper, http://www.uddi.org/whitepapers.html	zh_TW
dc.relation.reference (參考文獻)	[24] Wong, H. Chi and Katia Sycara. 1999. Adding Security and Trust to Multi-Agent Systems. Proceedings of Autonomous Agents ’99 ( Workshop on Deception, Fraud and Trust in Agent Societies), May 1999, Seattle, Washington.	zh_TW
dc.relation.reference (參考文獻)	[25] Zimmermann, R. Philip. 1995.The Official PGP User’s Guide , MIT press	zh_TW

學術產出-Theses

Article View/Open

Publication Export

Google ScholarTM

政大圖書館

Citation Infomation

Google Scholar^TM