基于可变权限集的广义虚拟企业信任交互方案

提出了一个基于可变权限集的广义虚拟企业信任交互方案,该方案能够根据虚拟企业的不同组织模式灵活设置成员权限集,并在成员结构发生变化时,对其进行动态调整.通过设计相应的虚拟认证中心来创建和颁发虚拟认证中心证书,在成员增减阶段变更参与方协议,有效解决了虚拟企业在各种组织模式下的信任交互问题.此外,该方案还实现了基于Pedersen可验证秘密共享技术的分布式密钥生成,既防止了密钥分发和更新过程中成员的不诚实行为,又克服了盟主单独行使密钥分发权利所带来的安全隐患.分析表明,该方案不但安全性大大增强,而且能够更好地适应虚拟企业复杂多变的动态环境.

Generalized trust-interaction scheme for virtual enterprises based on variable privilege sets

A generalized trust-interaction scheme based on variable privilege sets was proposed,in which the members' privilege sets were assigned flexibly according to the practical organization structures in different Virtual Enterprises(VEs),and they could be dynamically adjusted when there were some member changes.By constructing the corresponding changeable-number party protocols for Virtual Certificate Authority(VCA) establishment,VCA certificates creation and members' redeployment,this scheme could effectively solve the trust-interaction problem in VE with different organization structures.Furthermore,by employing Distributed Key Generation(DKG) protocol based on Pedersen Verifiable Secret Sharing(Pedersen-VSS) technology,this scheme could veritably detect the dishonest behaviors of malicious members,as well as avoid the security flaw in which the master enterprise acted as key distribution center solely.Analysis showed that this generalized trust-interaction scheme was not only more secure,but also more suitable to the complicated and dynamic environment of VE than previous ones.