Similar literature
1.
The majority of current security architectures for grid systems use public key infrastructure (PKI) to authenticate identities of grid members and to secure resource allocation to these members. Identity-based cryptography (IBC) has some attractive properties that seem to align well with the demands of grid computing. This paper presents a comprehensive investigation into the use of identity-based techniques to provide an alternative grid security architecture. We propose a customised identity-based key agreement protocol, which fits nicely with the grid security infrastructure (GSI). We also present a delegation protocol, which is simpler and more efficient than existing delegation methods. Our study shows that properties of IBC can be exploited to provide grid security services in a more natural and clean way than more conventional public key cryptosystems, such as RSA.

2.
A mobile ad hoc network (MANET) is a wireless communication network which does not rely on a pre-existing infrastructure or any centralized management. Securing the exchanges in MANETs is compulsory to guarantee a widespread development of services for this kind of network. The deployment of any security policy requires the definition of a trust model that defines who trusts whom and how. Our work aims to provide a fully distributed trust model for mobile ad hoc networks. In this paper, we propose a fully distributed public key certificate management system based on trust graphs and threshold cryptography. It permits users to issue public key certificates, and to perform authentication via certificate chains without any centralized management or trusted authorities. Moreover, thanks to the use of threshold cryptography, our system resists false public key certification. We perform an overall evaluation of our proposed approach through simulations. The results indicate the good performance of our approach while providing effective security.

3.
According to the security requirements of the short message service (SMS) industry application, a secure short message communication protocol is proposed. This is an application-level protocol constructed on the standard SMS communication protocol using public key authentication and key agreement, without the need for a wireless public key infrastructure (WPKI). Secure short message transmission and dynamic key agreement between mobile terminals and the accessing gateway are realized. The security of the proposed protocol is validated through BAN logic. Compared with the standard SMS protocol, the effective payload rate of our protocol can reach 91.4%, and subscriber identity module (SIM) tool kit (STK) applications based on our protocol are well suited to all kinds of mobile terminals in practical application.

4.
Because the cost of building and maintaining current PKI systems is too high, which limits the scale of grids to some extent, this paper studies the architecture of public key infrastructure (PKI) and the authentication framework of identity-based PKI (ID-PKI), and analyses the advantages and disadvantages of both. It proposes a grid authentication framework that combines PKI and ID-PKI, describes its structure and working principle, and further analyses its security and efficiency. Compared with the traditional X.509-certificate-based PKI authentication system, this framework is simpler and more flexible in structure, so it greatly improves authentication efficiency and reduces system cost, while its security can still be guaranteed.

5.
As the size of IT infrastructure continues to grow, cloud computing is a natural extension of virtualisation technologies that enable scalable management of virtual machines over a plethora of physically connected systems. The so-called virtualisation-based cloud computing paradigm offers a practical approach to green IT/clouds, which emphasise the construction and deployment of scalable, energy-efficient network software applications (NetApps) by virtue of improved utilisation of the underlying resources. The latter is typically achieved through increased sharing of hardware and data in a multi-tenant cloud architecture/environment and, as such, accentuates the critical requirement for enhanced security services as an integrated component of the virtual infrastructure management strategy. This paper analyses the key security challenges faced by contemporary green cloud computing environments, and proposes a virtualisation security assurance architecture, CyberGuarder, which is designed to address several key security problems within the ‘green’ cloud computing context. In particular, CyberGuarder provides three different kinds of services; namely, a virtual machine security service, a virtual network security service and a policy-based trust management service. Specifically, the proposed virtual machine security service incorporates a number of new techniques which include (1) a VMM-based integrity measurement approach for NetApp trusted loading, (2) a multi-granularity NetApp isolation mechanism to enable OS user isolation, and (3) a dynamic approach to virtual machine and network isolation for multiple NetApps based on energy-efficiency and security requirements.
Secondly, a virtual network security service has been developed to provide adaptive virtual security appliance deployment in a NetApp execution environment, whereby traditional security services such as IDS and firewalls can be encapsulated as VM images and deployed over a virtual security network in accordance with the practical configuration of the virtualised infrastructure. Thirdly, a security service providing policy-based trust management is proposed to facilitate access control to the resource pool and a trust federation mechanism to support/optimise task privacy and cost requirements across multiple resource pools. Preliminary studies of these services have been carried out on our iVIC platform, with promising results. As part of our ongoing research in large-scale, energy-efficient/green cloud computing, we are currently developing a virtual laboratory for our campus courses using the virtualisation infrastructure of iVIC, which incorporates the important results and experience of CyberGuarder in a practical context.

6.
Grid technology is a new distributed computing technology and an important means of addressing new applications of ever-increasing complexity. Information services are an important part of any grid software framework; they provide the essential software mechanisms for discovery and monitoring and thereby lay the foundation for planning application behaviour in the system. On this basis, this paper focuses on the security and fault tolerance of grid information service systems. It points out that security and fault tolerance in such systems are interrelated and influence each other, so the two problems must be studied together; doing so will greatly improve the overall performance of grid information service systems. 1001-3695(2005)03-0019-04

7.
Certificateless cryptosystems need no certificates to manage public keys and have none of the key escrow of identity-based cryptosystems. This paper describes a certificateless encryption algorithm constructed from the SM2 encryption algorithm and proves, in the random oracle and algebraic group models, that its security reduces to the Gap Diffie-Hellman complexity assumption. The constructed algorithm is therefore provably secure and can be deployed rapidly on top of existing SM2 algorithm components. A cryptosystem adopting this algorithm offers concise key management and efficient implementation, making it well suited to application scenarios such as the Internet of Things that require lightweight public key algorithms.

8.
Cloud infrastructure is expected to be able to support Internet-scale critical applications (e.g. hospital systems and smart grid systems). Critical infrastructure services and organizations alike will not outsource their critical applications to a public Cloud without strong assurances that their requirements will be enforced. Central to this concern is that the user should be provided with evidence of the trustworthiness of the elements of the Cloud without getting involved in infrastructure details. In addition, users should be able to control their outsourced data at public Clouds. Establishing the Cloud’s trust model is important, but the complexity and dynamism of the Cloud’s infrastructure make it difficult to address. This paper focuses on an important angle in this direction. We start by identifying the related challenges for establishing trust in the Cloud, and then propose a foundation framework which can help in addressing the identified challenges. Our focus is on the IaaS Cloud type and on organizations as Cloud users.

9.
《Computer Communications》1999,22(15-16):1512-1525
Asynchronous Transfer Mode (ATM) is seen to be a technology that allows flexibility, efficiency and manageable bandwidth on demand to be achieved in high-speed networks. ATM is able to support a variety of applications including voice, video, image and data with different quality of service requirements. This paper addresses the design and implementation of security services and mechanisms in ATM networks. The paper examines the various design options for the placement of security services within the ATM protocol reference model and considers their advantages and disadvantages. The option of placing the security layer between the ATM Adaptation Layer (AAL) and the ATM layer is selected, and the design of security services such as confidentiality, integrity and data origin authentication in the user plane is described. The paper then presents an authentication scheme and key establishment protocol. This protocol is integrated with the existing ATM signalling protocols as part of the call setup procedures in the control plane. Then the paper discusses a public key infrastructure for the ATM environment and considers the design of public key management protocols between ATM nodes and a Certification Authority for initializing, retrieving and distributing public key certificates. Finally, the paper considers the design of an access control service for ATM networks and discusses the issues involved in the provision of access control mechanisms both at the connection setup phase and during the user data transfer phase. It seems that the developed security design can be transparently integrated to secure ATM networks.

10.
An Agent-based grid interconnection architecture
Many forums, testbeds and research projects are currently studying grid technology, but each forms its own system and uses different techniques, so these grid systems cannot be interconnected, intercommunicate or interoperate. To solve this problem, this paper proposes an Agent-based grid interconnection architecture that combines Agent technology with grid technology, studies the security mechanism and resource management mechanism of grid interconnection, and presents the design of the interconnection architecture. The proposed architecture solves the problems of differing inter-domain grid security mechanisms and of inter-domain grid resource sharing, can realize inter-domain grid single sign-on and delegation, and has the advantages of being general, simple, efficient and distributed.

11.
Efficient, self-contained handling of identity in peer-to-peer systems
Identification is an essential building block for many services in distributed information systems. The quality and purpose of identification may differ, but the basic underlying problem is always to bind a set of attributes to an identifier in a unique and deterministic way. Name/directory services, such as DNS, X.500, or UDDI, are a well-established concept to address this problem in distributed information systems. However, none of these services addresses the specific requirements of peer-to-peer systems with respect to dynamism, decentralization, and maintenance. We propose the implementation of directories using a structured peer-to-peer overlay network and apply this approach to support self-contained maintenance of routing tables with dynamic IP addresses in structured P2P systems. Thus, we keep routing tables intact without affecting the organization of the overlay networks, making it logically independent of the underlying network infrastructure. Even though the directory is self-referential, since it uses its own service to maintain itself, we show that it is robust due to a self-healing capability. For security, we apply a combination of PGP-like public key distribution and a quorum-based query scheme. We describe the algorithm as implemented in the P-Grid P2P lookup system (http://www.p-grid.org/) and give a detailed analysis and simulation results demonstrating the efficiency and robustness of our approach.

12.
13.
Grid computing, as a new distributed computing infrastructure, has heterogeneous and dynamic resources and services, which makes security mechanisms important. Access control is an important part of security. Existing grid authorization models are mostly based on traditional access control methods and do not take into account the diversity of subject and object attributes in the grid environment, nor the specific task and execution environment. Drawing on the usage control model, this paper proposes a grid authorization model based on attributes and tasks. The model considers subject and object attributes together with the specific task and execution environment when authorizing, and can perform dynamic authorization when subject or object attributes change, thereby avoiding abuse of privileges to a certain extent.

14.
A public key infrastructure (PKI) is a key component for most of the current and future secure communications architectures and distributed application environments. Thus, the process of migrating UMU-PKI to IPv6 is important for the successful deployment of IPv6 as a basic component of the future Internet. A recent European research project provides an ideal opportunity to migrate the Java-based UMU-PKI to IPv6 and build new security services over it.

15.
Due to the explosive growth of the Internet and the pervasiveness of multimedia, protection of the IP rights of digital content in transactions raises concerns. For fee-based media services, data encryption may be the best solution for protecting the media. The placement of the encryption (decryption) keys may be a trivial but crucial issue for users. How to practically protect a user’s key with a password-based cryptographic scheme, and at different security levels, is a significant issue. Nowadays, a key container storing the user’s key can be implemented in hardware or in software only. Unfortunately, hardware key containers require expensive infrastructure; on the other hand, software-only key containers are either insecure or impractical. Moreover, both the hardware and the software containers store the user’s key at a single security level. To solve these problems, we propose a novel software key container for on-line media services that provides an adaptively secure and practical solution to protect the user’s key. We use a human-trapdoor distortion function and a symmetric cipher to protect the user’s key in our key container, so that it is computationally infeasible to break the system by machine attack alone. The idea is to ensure that people must participate to verify each guessed password in an attack. The user can adjust the security level of the container according to the security requirement. Therefore, an attacker cannot succeed in extracting the user’s key within a reasonable time and budget.

16.
A certificate path construction algorithm for the Internet public key infrastructure
王晓峰, 王尚平, 何成, 《计算机工程》2002, 28(6): 69-70, 151
Certificate path processing is a key technique for realizing secure authentication in the Internet public key infrastructure. A user relying on the public key infrastructure can obtain a valid public key certificate only through a valid certificate path. Based on the idea of breadth-first graph search, this paper proposes a certificate path construction algorithm for public key infrastructures and discusses the algorithm's validity.

17.
While public key cryptography is continuously evolving and its installed base is growing significantly, recent research works examine its potential use in e-learning or m-learning environments. Public key infrastructure (PKI) and attribute certificates (ACs) can provide the appropriate framework to effectively support authentication and authorization services, offering mutual trust to both learners and service providers. Considering PKI requirements for online distance learning networks, this paper discusses the potential application of ACs in a proposed trust model. Typical e-learning trust interactions between e-learners and providers are presented, demonstrating that robust security mechanisms and effective trust control can be obtained and implemented. The application of ACs to support m-learning is also presented and evaluated through an experimental test-bed setup, using the general packet radio service network. The results showed that AC issuing is attainable within acceptable service times while simultaneously delivering flexible and scalable solutions to both learners and e-learning providers.

18.
As a new branch of grid computing, the e-Learning grid is emerging as a nationwide e-Learning infrastructure, which can provide an innovative learning experience for learners. In such a grid environment, collaboration services will be the key elements due to the pervasive requirement for cooperative work and collaborative learning. Although there exist enormous research efforts on grid-based collaboration technologies, most of them have many limitations. In this paper, with the findings from computer-supported cooperative work (CSCW)/computer-supported collaborative learning (CSCL) and the advantages provided by the grid, we propose to build a grid-enabled large-scale collaboration environment (GLCE). GLCE focuses on distributed, large-scale, and cross-organizational collaboration through creating a group-centred next-generation collaboration environment, where both intra-group and inter-group collaboration can be supported. With this idea in mind, we present a grid-based cooperative work framework (GCWF), which aims to implement GLCE with an “upper layer” collaboration middleware based on the special-purpose grid infrastructure designed by our team. The preliminary results of our research on GLCE have been applied to build the learning assessment grid (LAGrid). The goal of LAGrid is to support the formative assessment business of China Radio and TV University (CRTVU), and large-scale collaboration within a virtual organization (VO) has been realized.

19.
Public key cryptography is one of the important technologies for realizing network security and information security, but traditional public key algorithms are slow. To overcome this shortcoming, several fast public key algorithms have been proposed. This paper analyses the security of one such fast public key algorithm and shows that decrypting it does not require integer factorization: a continued fraction algorithm can compute an equivalent key for the scheme in polynomial time, and this equivalent key can decrypt any ciphertext. The public key algorithm is therefore insecure. A new continued fraction attack algorithm is thus proposed, and experimental results demonstrate its effectiveness.

20.
A proxy signature scheme allows a proxy signer to sign messages on behalf of an original signer within a given context. It has many practical applications in distributed systems, grid computing, mobile agent applications, distributed shared object systems, global distribution networks, and mobile communications. In recent years, fruitful achievements have been seen in certificateless public key cryptography, which has the advantages of no certificate management and no key escrow compared with traditional public key cryptography and identity-based public key cryptography respectively. However, the existing certificateless proxy signature schemes are either insecure or lack formal security analysis. In this paper, we formalize the security model of certificateless proxy signature schemes and propose a provably secure certificateless proxy signature scheme with a formal security proof under the computational Diffie–Hellman assumption.
