无线网络安全方法与技术研究
|
摘要
随着无线网络的普及和应用,人们对无线网络的依赖程度越来越高。与此同时无线网络的安全性成为人们关注的焦点。由于无线网络传输媒体的开放性、无线终端的移动性和网络拓扑结构的动态性,以及无线终端计算能力和存储能力的局限性,使得有线网络环境下的许多安全方案和技术不能直接应用于无线网络,同时也给安全方案的实施增加了许多限制。本文对无线网络的安全方法与技术进行了比较深入的研究,研究内容包括:无线网络认证协议的分析与设计、基于CK模型的可证安全的密钥交换协议的设计理论、群组密钥管理协议、无线网络的可生存性和移动电子商务微支付技术。主要研究成果有:
1.在分析现有无线网络认证协议的基础上,总结了认证协议分析与设计的基本方法和基本技术,提出了无线网络认证协议设计的一般要求,设计了一种新的具有用户匿名性的无线认证协议—WSAP,并对WSAP协议进行了形式化分析。
2.研究了无线网络环境下的认证的密钥交换与密钥协商协议的形式化设计方法,基于Canetti-Krawczyk模型,提出了无线网络环境下可证安全的密钥交换协议分析与设计的一般方法,并运用这种方法进行了协议的分析与设计。
3.研究了无线网络环境下的群组密钥管理协议设计的理论与方法,给出了安全群组密钥管理协议有关性质的形式化定义,基于单向积聚函数,提出了一种新的无线网络环境下的安全群组密钥管理协议。
4.从网络体系结构和安全协议设计两个方面研究了无线网络系统的可生存性,提出了一种可生存的无线网络服务器结构。以无线IP网络为例对无线网络的可生存性进行了研究,利用冗余技术,建立冗余的代理机制,提出了一种基于移动IP的无线网络系统的可生存方案。
5.研究了无线网络安全技术的应用,基于Hash函数,设计了一种移动电子商务中的多方微支付方案,重点解决了移动电子商务中的多方微支付中的安全问题。
This research addresses network security issues in wireless network. The objective of this thesis is to provide secure communication to legitimate users, and to prevent fraudulent use of network resources by unauthorized individuals. Wireless network is susceptible to security attacks because its openness of transmission media and wireless network security is somewhat more concentrated and complex than that of wired network. Authentication is the most essential procedure to ensure that the service is properly used. But its limited resource, such as weak power supplies and limited bandwidth, must be taken into account in the design of security schemes. In this thesis, we focus on developing the design and analysis of authentication protocol, provably secure key exchange based on the CK model, scheme for group key management protocol, survivability for wireless network and micro-payment in mobile commerce. The key contributions are as follow.1. After analyzing current authentication protocols and summarizing the basic methods for designing authentication protocol, a new simple and efficient wireless authentication protocol providing user anonymity is proposed, which is called WSAP. Our protocol is based on hash function and smart cards, and mobile users only perform symmetric encryption and decryption. In our protocol, it takes only one round of message exchange between the mobile user and the visited network, and one round of message exchange between the visited network and the corresponding home network. The most significant feature is one-time use of key between mobile user and visited network.2. Protocols for key exchange and agreement provide the basis for secure communications and so it is important that they are designed correctly. Based on the discussion of the current formal approaches for designing the key exchange and agreement protocols and the CK model, we propose the general techniques to design the key exchange protocol in wireless network. With this technique, we can develop novel key exchange protocol in the CK model.3. Secure group communication in mobile networks is often dynamic and thus requires efficient and automated secure group management and seamless combination of secure groups with distributed applications running upon them. Existing approaches to secure group communication cannot satisfy these requirements. A new protocol for secure group key management scheme is presented, which is based on the concept of one-way accumulators. Our scheme does not require each node to maintain a membership list and efficiently handles dynamic membership events (nodes remove and join).4. Survivability has become increasingly important with social increasing dependence of critical infrastructures on wireless networks. The survivable server architecture for wireless network based on intrusion-tolerant mechanisms is presented. We utilize the techniques of both redundancy and diversity and threshold secret share schemes to implement the survivability of databases and to protect confidential data from compromised servers in the presence of intrusions. Comparing with the existing
schemes, our approach has realized the security and robustness for the key functions of a database system by using the integration security strategy and multiple security measures. In mobile IP network, home agents and foreign agents are single points of failure and potential performance bottlenecks. Using the techniques of redundancy, a new mechanism is described. Redundant agents can take over from each other in case of failure. This scheme can improve the survivability of mobile IP network.5. As mobile communications become increasingly sophisticated and ubiquitous, there are a large number of different scale mobile networks, a huge variety of value added service providers (SPs) and millions of roaming users. A micro-payment scheme that is able to apply to several SPs using only one hash chain is proposed. This scheme is security and efficient.
1.在分析现有无线网络认证协议的基础上,总结了认证协议分析与设计的基本方法和基本技术,提出了无线网络认证协议设计的一般要求,设计了一种新的具有用户匿名性的无线认证协议—WSAP,并对WSAP协议进行了形式化分析。
2.研究了无线网络环境下的认证的密钥交换与密钥协商协议的形式化设计方法,基于Canetti-Krawczyk模型,提出了无线网络环境下可证安全的密钥交换协议分析与设计的一般方法,并运用这种方法进行了协议的分析与设计。
3.研究了无线网络环境下的群组密钥管理协议设计的理论与方法,给出了安全群组密钥管理协议有关性质的形式化定义,基于单向积聚函数,提出了一种新的无线网络环境下的安全群组密钥管理协议。
4.从网络体系结构和安全协议设计两个方面研究了无线网络系统的可生存性,提出了一种可生存的无线网络服务器结构。以无线IP网络为例对无线网络的可生存性进行了研究,利用冗余技术,建立冗余的代理机制,提出了一种基于移动IP的无线网络系统的可生存方案。
5.研究了无线网络安全技术的应用,基于Hash函数,设计了一种移动电子商务中的多方微支付方案,重点解决了移动电子商务中的多方微支付中的安全问题。
This research addresses network security issues in wireless network. The objective of this thesis is to provide secure communication to legitimate users, and to prevent fraudulent use of network resources by unauthorized individuals. Wireless network is susceptible to security attacks because its openness of transmission media and wireless network security is somewhat more concentrated and complex than that of wired network. Authentication is the most essential procedure to ensure that the service is properly used. But its limited resource, such as weak power supplies and limited bandwidth, must be taken into account in the design of security schemes. In this thesis, we focus on developing the design and analysis of authentication protocol, provably secure key exchange based on the CK model, scheme for group key management protocol, survivability for wireless network and micro-payment in mobile commerce. The key contributions are as follow.1. After analyzing current authentication protocols and summarizing the basic methods for designing authentication protocol, a new simple and efficient wireless authentication protocol providing user anonymity is proposed, which is called WSAP. Our protocol is based on hash function and smart cards, and mobile users only perform symmetric encryption and decryption. In our protocol, it takes only one round of message exchange between the mobile user and the visited network, and one round of message exchange between the visited network and the corresponding home network. The most significant feature is one-time use of key between mobile user and visited network.2. Protocols for key exchange and agreement provide the basis for secure communications and so it is important that they are designed correctly. Based on the discussion of the current formal approaches for designing the key exchange and agreement protocols and the CK model, we propose the general techniques to design the key exchange protocol in wireless network. With this technique, we can develop novel key exchange protocol in the CK model.3. Secure group communication in mobile networks is often dynamic and thus requires efficient and automated secure group management and seamless combination of secure groups with distributed applications running upon them. Existing approaches to secure group communication cannot satisfy these requirements. A new protocol for secure group key management scheme is presented, which is based on the concept of one-way accumulators. Our scheme does not require each node to maintain a membership list and efficiently handles dynamic membership events (nodes remove and join).4. Survivability has become increasingly important with social increasing dependence of critical infrastructures on wireless networks. The survivable server architecture for wireless network based on intrusion-tolerant mechanisms is presented. We utilize the techniques of both redundancy and diversity and threshold secret share schemes to implement the survivability of databases and to protect confidential data from compromised servers in the presence of intrusions. Comparing with the existing
schemes, our approach has realized the security and robustness for the key functions of a database system by using the integration security strategy and multiple security measures. In mobile IP network, home agents and foreign agents are single points of failure and potential performance bottlenecks. Using the techniques of redundancy, a new mechanism is described. Redundant agents can take over from each other in case of failure. This scheme can improve the survivability of mobile IP network.5. As mobile communications become increasingly sophisticated and ubiquitous, there are a large number of different scale mobile networks, a huge variety of value added service providers (SPs) and millions of roaming users. A micro-payment scheme that is able to apply to several SPs using only one hash chain is proposed. This scheme is security and efficient.
引文
[1] 王育民,刘建伟.通信网的安全—理论与技术,西安电子科技大学出版社,1999年
[2] 3G Security Architecture(Release 5), 2002-12, Http://www.3gpp.org
[3] Mobile Broadband Wireless Access, (MBWA), IEEE802.20, http://www.ieee.org
[4] Broadband Wireless Access(BBWA), IEEE802.16, http://www.ieee.org
[5] 胡爱群.无线通信网络的安全问题及对策.电信科学,2003年12期
[6] 卿斯汉.安全协议的设计与逻辑分析.软件学报,Vol.14,No.7,2003,7
[7] K.Pahlavan, P.Krishnamurthy, et al., Handoff in hybrid mobile data networks, IEEE Personal Communications, April 2000
[8] ISO/IEC9798-1, http://www.iso.org
[9] Lowe G. Breaking and fixing the Needham-Schroeder public-key protocol using FDR. Software Concepts and Tools, 1996,17:93~102
[10] Wenbo Mao. Modem Cryptography: Theory & Practice. Published by Prentice Hall PTR, Jul 25, 2003
[11] Abadi-Needham. Prudent Engineering Practice for Cryptographic Protocols, IEEE Transactions on Software Engineering, 22(1):6-15, January 1996.
[12] Dolev D, Yao A. On the security of public key protocols. IEEE Transactions on Information Theory, 1983,29(2): 198~208.
[13] 卿斯汉.安全协议20年研究进展.软件学报,Vol.14,No.10,2003.10
[14] G.Bella. Inductive Verification of Cryptographic Protocols. A dissertation submitted for the degree of Doctor of Philosophy.March 2000
[15] M. Burrows, M. Abadi, and R. M. Needham. A Logic of Authentication.Proceedings of the Royal Society of London, 426:233-271, 1989.
[16] C. A. R. Hoare. Communicating Sequential Processes. Prentice-Hall, Englewood Clis, New Jersey, 1985.
[17] M.Bellare and P.Rogaway, Entity Authentication and Key Distributions-Three Party Case, Advances in Cryptology-Crypto'93,LNCS 773, Springer-Verlag, pp232-249,1994
[18] Horn G., Preneel B., Authentication and Payment in Future Mobile Systems. ComputerSecurity-ESORICS'98, Lecture Notes in Computer Science, 1485, 1998, pp. 277-293.
[19] Jaeseung Go, Kwangjo Kim. Wireless Authentication Protocol Preserving User Anonymity. SCIS 2001, Japan, January 23-26, 2001
[20] Chu-Hsing Lin. Hierarchical key assignment without public-key cryptography. Computer & Security, Vol.20, No.7,pp.612-619,2001
[21] M.Bellare, R.Canetti and H.Krawczyk, A modular approach to the design and analysis of authentication and key-exchange protocols, 30th STOS, March, 1998
[22] M.G.Rahman, H.Imai. Security in wireless communication. Wireless Personal Communications. Vol.22, No.2, August 2002, pp.213-228
[23] Z.J.TZENG, W.GTZENG. Authentication of Mobile Users in Third Generation Mobile System. Wireless Personal Communicatons, pp35-50, Vol 16,2001
[24] D. Alevras, M. Grotschel, P. Jonas, U. Paul, and R.Wessaly, Survivable Mobile Phone Network Architectures: Models and Solution Methods, IEEE Comm. Mag., pp.88-93, March, 1998.
[25] M.-F. Chang, Y.-B. Lin, and S.-C. Su, Improving the Fault Tolerance of GSM Networks, IEEE Network, pp. 58-63, Jan./Feb., 1998.
[26] P. Krishnamurthy, J. Kabara, Security architecture for wireless residential networks, Proc. VTC'2000, Boston, MA, September 2000.
[27] M.J. Beller, L.-F. Chang, Y. Yacobi, Privacy and authentication on a portable communications system, Proceedings of GLOBECOM'91, IEEE Press, New York, 1991, pp. 1922-1927.
[28] M.J. Beller, L.-F. Chang, Y. Yacobi, Security for personal communication services: public-key vs. private key approaches, Proceedings of Third IEEE International Symposium on Personal, Indoor and Mobile Radio Communications (PIMRC'92), IEEE Press, New York, 1992, pp. 26-31.
[29] M.J. Beller, L.-F. Chang, Y. Yacobi, Privacy and authentication on a portable communications system, IEEE Journal on Selected Areas in Communications 11 (1993) 821-829.
[30] M.J. Beller, Y. Yacobi, Fully-fledged two-way public key authentication and key agreement for low-cost terminals, Electronics Letters 29 (1993) 999-1001.
[31] U. Carlsen, Optimal privacy and authentication on a portable communications system, ACM Operating Systems Review 28 (3) (1994) 16-23.
[32] A. Aziz, W. Diffie, Privacy and authentication for wireless local area networks, IEEE Personal Communications 1 (1994)25-31.
[33] M. Tatebayashi, N. Matsuzaki, D.B. Newman Jr, Key distribution protocol for digital mobile communications systems, Advances in Cryptology-Crypto'89, Springer, Berlin, 1990, pp. 324-333.
[34] N. Asokan, Anonymity in a mobile computing environment, Proceedings of the Workshop on Mobile Computing Systems and Applications, Santa Cruz, December 1994, pp. 200-204. Also available online at http://www.semper.org/sirene/people/asokan/research/mobile94-ieee.ps.gz
[35] H.-Y. Lin, L. Harn, Authentication protocols for personal communication systems, Proceedings of SIGCOMM'95, 1995, pp. 256-261.
[36] C.-S. Park, On certificate-based security protocols for wireless mobile communications systems, IEEE Network September/October, 1997, pp. 50-55.
[37] C.Boyd, A.Mathuria. Key establishment protocol for secure mobile communication: a critical survey, Computer Communications 23, 2000, pp.575-587
[3
[38] ISO/IEC. Information Technology—Security Techniques—Entity Authentication Mechanisms—Part 2: Entity authentication using symmetric techniques, International Organization for Standardization and International Electro-technical Commission, 1993, ISO/IEC JTC 1/SC 27 N739 DIS 9798-2,1993-08-13
[39] Wedel. G., Kessler. V., Formal Semantics for Authentication Logics. Computer Security-ESOROCS 96, Springer LNCS 1146, 219-241.
[40] CCITT. CCITT draft recommendation X.509. The directory-authentication framework, Version 7, 1987.
[41] V.Kessler, G.Wedel. AUTLOG-An advanced logic of authentication, Computer Security Foundations Workshop Ⅶ, 1994. CSFW 7. Proceedings, 14-16 June 1994, PP:90-99
[42] 姬东耀,王育民.移动计算网络环境中的认证与小额支付协议.电子学报,第30卷第4期,2002年4月
[43] 陈恺,刘莹,肖国镇.移动通信系统中有效的身份认证方案和支付协议.通信学报,第23卷第3期,2002年3月
[44] M. Bellare and P. Rogaway. Provably secure session key distribution-the three party case. In Proceedings of the 27th ACM Symposium on the Theory of Computing, pages 57-66, May 1995.
[45] R. Canetti and H. Krawczyk. Analysis of key-exchange protocols and their use for building secure channels. In Advances in Cryptology-Eurocrypt 2001, volume 2045 of LNCS, pages 453-474. Springer-Verlag, 2001. Full version at http://eprint.iacr.org/2001/040.ps.
[46] Xinghua LI, Jianfeng MA, SangJae MOON. On the Security of the Canetti-Krawczyk Model, Submitted to ACM Transactions on Information and System Security.
[47] Y.S.T.Tin, H.Vasanta, etc. Protocol with Security Proofs for Mobile Applications. LNCS 3108, Springer-Verlag Heidelberg, 2004
[48] P.Ammann, S.Jajodia, C.D.McCollum, and B.T.Blaustein. Surviving information warfare attacks on database [A]. In proceedings of the IEEE Symposium on Security and Privacy [C], pp 164-174, Oakland,CA,May 1997
[49] Y.S.T. Tin, C.Boyd, J.G.Nieto. Provably Secure Key Exchange: An Engineering Approach. Proceedings of the Australasian information security workshop conference on ACSW frontiers 2003-Volume 21
[50] Wenbo Mao,Modern Cryptography: Theory and Practice. Prentice Hall PTR, 1st edition, July 25, 2003
[51] 赖晓龙,802.11无线局域网的安全技术,西安电子科技大学硕士论文,2004
[52] 李兴华,马建峰,文相在。基于身份密码系统下Canetti-Krawczyk模型的安全扩展.中国科学,E辑,信息科学,2004,34(1):1~13
[53] S.Cimato, P.D'Arco, I.Visconti. Anonymous Group Communication in Mobile Networks. ICTCS 2003, LNCS 2841, pp.316-328, 2003
[54] G.-H.Chiou, W.T.Chen. Secure broadcasting using the secure lock, IEEE Trans, on Software Engineering, Aug. 1989, vol. 15, pp. 929-934.
[55] HARNEY, H. AND MUCKENHIRN, C. 1997b. Group Key Management Protocol (GKMP) Architecture. RFC 2094.
[56] WONG, C. K., GOUDA, M. G, AND LAM, S. S. 2000.Secure group communications using key graphs. IEEE/ACM Trans. Netw. 8, 1 (Feb.), 16-30.
[57] WEILER, N. 2001. SEMSOMM-A scalable multiple encryption scheme for one-to-many multicast. In Proceedings of the 10th IEEE International WETICE Enterprises Security Workshop, (Cambridge, Mass., June). IEEE Computer Society Press, Los Alamitos, Calif.
[58] WONG, C. K., GOUDA, M. G, AND LAM, S. S. 2000. Secure group communications using key graphs. IEEE/ACM Trans. Netw. 8, 1 (Feb.), 16-30.
[59] S.RAFAELI, D.HUTCHISON. A Survey of Key Management for Secure Group Communication, ACM Computing Surveys, Vol.35, No..3. September 2003.
[60] MCGREW, D. A. AND SHERMAN, A. T. 1998. Key establishment in large dynamic groups using oneway function trees. Tech. Rep. No. 0755 (May), TIS Labs at Network Associates, Inc., Glenwood, Md.
[61] J.Staddon, S.Miner, M.Franklin, D.Balfanz, M.Malkin, D.Dean. Self-healing key distribution with revocation. In proc. of 2002 IEEE Symp. on Security and Privacy, PP 224-240,2002
[62] D.Liu, P.Ning, K.Sun. Efficient Self-healing Group Key Distribution with Revocation Capability. Proceedings of the 10th ACM conference on Computer and communication security, Washington D.C., USA, 2003
[63] J. Benaloh and M. de Mare. One-way accumulators: a decentralized alternative to digital signatures. In Advances in Cryptology EUROCRYPT 93, Proceedings of the Workshop on the Theory and Applications of Cryptographic Techniques, volume 765 of LNCS, 1993.
[64] Barua, R., R. Dutta, and P. Sarkar. Extending Joux's Protocol to Multi Party Key Agreement, in Indocrypt 2003.
[65] D. Nalla and K. C. Reddy, Identity Based Tripartite Authenticated Group Agreement Protocol, Proc. of Indocrypt'02, LNCS 2551, pp.215-233, Springer-Verlag, 2002.
[66] Barua. R., R. Dutta, and P. Sarkar, Provably Secure Authenticated Tree Based Group Key Agreement Protocol using"Pairing, http://eprint.iacr.org/2004/090.ps.gz. 2004
[67] R.J.Ellison, B.D.Fisher, R.Linger, et al. Survivable Network Systems: An Emerging Discipline. Technical Report CMU/SEI-97-TR-013, Software Engineering Institute, Carnegie Mellon University, November 1997
[68] Teresa Dahlberg, Sreenivas Ramaswamy, David Tipper. Survivability issues in wireless mobile networks. Proceedings of First International Workshop on Mobile and Wireless Communication Networks, Paris, France, May, 1997.
[69] 朱建明,史庭俊,马建峰.基于多代理的容忍入侵体系结构.计算机工程与应用.2003.4
[70] 王超,朱建明,马建峰.基于组件的软件系统可用性分析,西安电子科技大学学报,2004.5
[71] GUO Yuanbo, MA Jianfeng. Secret Sharing Scheme Realizing Generalized Adversary Structure. Journal of Computer Science and Technology. 2004.3
[72] GUO Yuanbo, MA Jianfeng.An Efficient and Robust Conference Key Distribution Protocol. The 2003 International Conference on Computer Networks and Mobile Computing. Shanghai China. October 20-23, 2003. IEEE Press
[73] ZHU Jianming, MA Jianfeng. Survivavility Model of Network System and Its Survivability Analysis. Proceedings of the International Symposium on Test and Measurement, v 2, 2003, p p1037-1042
[74] M.-F. Chang, Y.-B. Lin, and S.-C. Su, Improving the Fault Tolerance of GSM Networks, IEEE Network, pp. 58-63, Jan./Feb., 1998.
[75] N. Neves, and W. K. Fuchs, Adaptive Recovery for Mobile Environments, Comm. of the ACM, Vol. 40, No. 1, pp.68-74, Jan 1997.
[76] O.Goldreich. Secure Multi-Party Computation. Department of Computer Science and Applied Mathematics, Weizmann Institute of Science, Rehovot, Israel, 1. ledition, Sept 1998
[77] 朱建明,马建峰.基于容忍入侵的数据库安全体系结构.西安电子科技大学学报.2003.1
[78] Eugene H. Spafford and Diego Zamboni, Intrusion detection using autonomous Agents, Computer Networks, 34(4):547-570, October 2000.
[79] Gorodetski,V.,Kotenko,I.,Skormin,V. Integrated Multi-Agent Approach to Network Security Assurance: Models of Agents' Community. Information Security for Global Information Infrastructures, IFIP TCll Sixteenth Annual Working Conference on Information Security, Qing, S., Eloff J.H.P, Beijing, Chian (2000), pp291-300
[80] A.G.Pennington, J.D.Strunk, J.L.Griffin, etc. Storage-based Intrusion Detection: Watching storage activity for suspicious behavior. Proceeding of the 12~(th) USENIX Security Symposium Washington, DC. August 2003.
[81] P. Liu and S. Jajodia. Multi-phase damage con_nement in database systems for intrusion tolerance. In Proc. 14th IEEE Computer Security Foundations Workshop, pages 191-205,June 2001.
[82] P.Liu, P.Luenam. ODAM: An on-the-fly samage assessment and repair system for commercial database applications. In Proc. 15~(th) IFIP WG 11.3 Working Conference on Database and application Security.
[83] R.Ghost, G.Varghese. Fault-tolerant Mobile IP. Technical Report WUCS-98-11, Washington University, April 1998
[8
[84] JinHo Ahn, Sung-Gi Min, Chong-Sun Hwang. Scalable and efficient fault-tolerant protocol for mobility agents in mobile IP-based systems. Future Generation Computer Systems 18 (2002) pp613-625
[85] B.Bhargava, S.B.Kamisetty, S.K.Madria, Fault-tolerant authentication and Group Key Management in Mobile Computing, CERIAS Tech Report 2000-07
[86] V.Sawma, R.Probert. E-commerce authentication: An Effective Countermeasures Design Model, Sawma, proceedings of the International Conference on Enterprise Information Systems (ICEIS) conference, Apr. 23-26, 2003, Angers, France
[87] D.Samfat, R.Molva, N.Asokan. Untraceability in mobile networks, Proceeding of the First Annual International Conference on Mobile Computing and Networking, pp.26-36, 1995
[88] R. H. Deng, L. Gong, A. A. Lazar, and W. Wang, "Authenticated key distribution and secure broadcast using no conventional encryption: A unified approach based on block codes," Proc.IEEE Globecom'95, Nov. 1995.
[89] 李先贤,怀进鹏,刘旭东.群密钥分配的动态安全性及其方案.计算机学报,25(4),2002.4
[90] HARNEY, H. AND MUCKENHIRN, C. 1997b. Group Key Management Protocol (GKMP) Architecture.RFC 2094.
[91] J.Knight, K.J.Sullivan. On the definition of survivability, Technical Report CS-TR-33-00, University of Virginia, Department of Computer Science, 2000
[92] G.Bella. Inductive Verification of Cryptographic Protocols. A dissertation submitted for the degree of Doctor of Philosophy.March 2000
[93] Heintze N, Tygar, JD. A model for secure protocols and their composition. IEEE Transactions on Software Engineering, 1996, 22(1): 16~30.
[94] C. A. R. Hoare. Communicating Sequential Processes. Prentice-Hall, Englewood Clis, New Jersey, 1985.
[95] A.Datta, A.Derek, J.C.Mitchell. Secure Protocol Composition. Electronic Notes in Theoretical Computer Science 83 (2004), http://www.elsevier.nl/locate/entcs/volume83.html
[96] W. Diffie and M. Hellman. New directions in cryptography. IEEE Transactions on Information Theory, 22:644-654, 1976.
[97] G.R.Ranger, P.K.Khosla, M.Bakkaloglu, M.W. Bigfigg, G. R. Goodson, S. Oguz, V. Pandurangan, C. A. N. Soules, J. D. Strunk, and J. J. Wylie. Survivable storage systems[A]. In DARPA Information Survivability Conference and Exposition Ⅱ[C], pages 184-195. IEEE Computer Society, June 2001.
[98] P.Liu. Architecture for Intrusion Tolerant Database systems [A]. Proc. 18th Annual Computer Security Applications Conference [C], Dec 2002.
[99] Otway D, Rees O. Efficient and timely mutual authentication. Operating Systems Review, 1987,21(1):8~10.
[100] Miller SP, Neuman C, Schiller JI, Saltzer JH. Kerberos authentication and authorization system. Project Athena Technical Plan Section E.2.1, MIT, 1987.
[101] CCITT. CCITT draft recommendation X.509. The Directory-Authentication Framework, Version 7, 1987.
[102] C.Perkins. IP Mobility Support, RFC 2002, October 1996
[103] C.Perkins, D.B.Johnson. Route Optimization in Mobile IP, Mobile IP Working Group, Internet Draft, November 1997
[104] R. J. Ellison, D. A. Fisher, R. C. Linger, et al. Survivability: Protecting Your Critical Systems. IEEE Internet Computing, Vol. 3, No. 6: pp. 55-63, November/December 1999.
[105] N. R. Mead, R. Ellison, R. C. Linger, et al. Life-Cycle Models for Survivable Systems. Technical Report CMU/SEI-2002-TR-026, Software Engineering Institute, Carnegie Mellon University, Pittsburgh, PA15213, October 2002. http://www.sei.cmu.edu/pub/documents/ 02.reports/pdf/02tr026.pdf
[106] R. J. Ellison, D. A. Fisher, R. C. Linger, et al. An Approach to Survivable Systems. http://www.cert.org/easel/nato 1 .doc
[107] Howard F. Lipson, David A. Fisher. Survivability Blends Computer Security With Business Risk Management. March 2000. http://interactive.sei.cmu.edu/Columns/Security_Matters/2000/March/Security.mar00.pdf
[108] J.Millen, Local reconfiguration policies, 1999 IEEE Security and Privacy Symposium, IEEE Computer Society, 1999.
[109] SET Secure Electronic Transaction LLC, "SET Secure Electronic Transaction Specification", 1999, http://www.setco.org
[110] R.Hauser, M.Steiner, and M.Waidner, "Micro-payments based on iKP", Proc. Of the 14th Worldwide Congress on Computer and Communications Security Protection, pp. 67-82, 1996
[111] P.Wayner. Digital cash, Byte 19 (10), 126
[112] J.P.Boly, et al. The ESPRIT project CAFE-high security digital apyment system. Computer Security-ESOLICS'94, vol.875, Nov.
[113] J.Doggest, Electronic check project. Financial Services Technology Consortium (FSTC); http://macke.wiwi. hu-berlin/IMI/micropayments.html, 1995
[114] C.Neumann, GMedvinsky, Requirements for network payment-the NetCheque perspective. IEEE Compcon; 1995
[115] M.Peirce, Multi-Party Electronic Payments for Mobile Communications, A thesis submitted for the degree of Doctor of Philosophy in Computer Science University of Dublin, Trinity College Department of Computer Science October 31st, 2000
[116] S.Micali, R.L.Rivest, Micropayments Revisited, LNCS, Proceedings of the The Cryptographer's Track at the RSA Conference on Topics in Cryptology, 2002, pp. 149-163
[117] M.Lee, K.Kim, A Micro-payment System for Multiple-Shopping, The 2002 Symposium on Cryptography and Information Security Shirahama, Japan, Jan.29-Feb. 1,2002
[118] M. Manasse. The Millicent protocols for electronic commerce. In Proceedings of the 1st USENIX Workshop on Electronic Commerce, pp.117-23, New York, USA, July 1995.
[119] M. Bellare, J. Garay, R. Hauser, A. Herzberg, H. Krawczyk, M. Steiner, G. Tsudik, and M.Waidner. iKP - a family of secure electronic payment protocols. In Proceedings of the 1st USENIX Workshop on Electronic Commerce, pp.89-106, New York, USA, July 1995.
[120] M. Sirbu and J. Tygar. NetBill: an Internet commerce system optimized for networkdelivered services. IEEE Personal Communications, 2(4):34-39, August 1995.
[121] J. Stern and S. Vaudenay. SVP: a flexible micropayment scheme. In Financial Cryptography '97 Proceedings, pp. 161-71, Lecture Notes in Computer Science vol. 1318. Springer-Verlag, Berlin, 1997.
[122] R. Rivest and A. Shamir. Pay Word and MicroMint: two simple micropayment schemes. In Proceedings of the 4th Security Protocols International Workshop (Security Protocols), pp. 69-87, LNCS1189. Springer-Verlag, Berlin, 1996.
[123] L. Lamport. Password authentication with insecure communication. Communications of the ACM, 24(11):770-72, November 1981.
[124] Hwang M. S. ,Lin I. C. ,Li L. H, A simple micro-payment scheme, The journal of System and Software 55 (2001) 221-229
[125] CyberCoin. In Electronic payment systems [OPT97], pp. 181-182.
[126] D.Olivier. The Clickshare service. In Workshop on Internet Survey Methodology and Web Demographics, Massachusetts Institute of Technology, Cambridge, Massachusetts, January 1996.
[127] L. Tang. A set of protocols for micropayments in distributed systems. In Proceedings of the 1st USENIX Workshop on Electronic Commerce, pp.107-15, New York, July 1995.
[128] B. Cox, J. Tygar, and M. Sirbu. NetBill security and transaction protocol. In Proceedings of the 1st USENIX Workshop on Electronic Commerce, pp.77-88, New York, July 1995.
[129] P. Michon. Payment in electronic commerce. In Proceedings of the 8th Internet Society Conference on Internet Networking (INET'98), Geneva, Switzerland, July 1998.
[130] H. Beadle, R. Gonzalez, R. Safavi-Naini, and S. Bakhtiari. A review of Internet payments schemes. In Proceedings' of the Australian Telecommunication Networks and Applications Conference (ATNAC'96), pp.486-94, Melbourne, Australia, December 1996.
[131] X. Dai and B. Lo. Netpay - an efficient protocol for micropayments on the WWW. In Proceedings of the 5th Australian World Wide Web Conference (AusWeb'99), Southern Cross University, Lismore, Australia, April 1999.
[1
[132] Vijay Ahuja, Secure Commerce of the Internet, Academic Press, 1996.
[133] Park. D.G, Boyd C., Dawson Ed, Micropayment for Wireless Communications. http://gunther.smeal.psu.edu/context/125761/0
[134] G. Hanaoka, Y. Zheng, and H. Imai. LITESET: A lightweight secure electronic transaction protocol. In Proceedings of the 3rd Australasian Conference on Information Security and Privacy (ACISP'98), Lecture Notes in Computer Science vol. 1438. Springer-Verlag, Berlin, 1998. pp.215-26
[135] Ferreira. L.C., Dahab. R., A scheme for analyzing electronic payment system. 14~(th) Computer Security Applications Conference, 1998, pp. 137-146
[136] D. Wheeler. MicroMint extensions. Computer Laboratory, University of Cambridge, UK, November 1996.
[137] M. Blum. Coin flipping by telephone: a protocol for solving impossible problems. In Advances in Cryptology: A Report on CRYPTO 81, ECE Report 82-04, Dept. of Electrical and Computer Engineering, U. C. Santa Barbara, 1982. pp.11-15
[138] T. Pederson. Electronic payments of small amounts. In Proceedings of the 4th Security Protocols International Workshop (Security Protocols), LNCS1189. Springer-Verlag, Berlin, 1996. pp.59-68
[139] R. Hauser, M. Steiner, and M. Waidner. Micro-payments based on iKE In Proceedings of the 14th Worldwide Congress on Computer and Communications Security Protection, Paris, 1996. pp. 67-82.
[140] 朱建明,马建峰.一种高效的电子商务微支付方案,西安电子科技大学学报,2002增刊
[141] Y. Kim, A. Perrig, and G. Tsudik. Simple and fault-tolerant key agreement for dynamic collaborative groups. Technical Report 2, USC Technical Report 00-737, August 2000.
[2] 3G Security Architecture(Release 5), 2002-12, Http://www.3gpp.org
[3] Mobile Broadband Wireless Access, (MBWA), IEEE802.20, http://www.ieee.org
[4] Broadband Wireless Access(BBWA), IEEE802.16, http://www.ieee.org
[5] 胡爱群.无线通信网络的安全问题及对策.电信科学,2003年12期
[6] 卿斯汉.安全协议的设计与逻辑分析.软件学报,Vol.14,No.7,2003,7
[7] K.Pahlavan, P.Krishnamurthy, et al., Handoff in hybrid mobile data networks, IEEE Personal Communications, April 2000
[8] ISO/IEC9798-1, http://www.iso.org
[9] Lowe G. Breaking and fixing the Needham-Schroeder public-key protocol using FDR. Software Concepts and Tools, 1996,17:93~102
[10] Wenbo Mao. Modem Cryptography: Theory & Practice. Published by Prentice Hall PTR, Jul 25, 2003
[11] Abadi-Needham. Prudent Engineering Practice for Cryptographic Protocols, IEEE Transactions on Software Engineering, 22(1):6-15, January 1996.
[12] Dolev D, Yao A. On the security of public key protocols. IEEE Transactions on Information Theory, 1983,29(2): 198~208.
[13] 卿斯汉.安全协议20年研究进展.软件学报,Vol.14,No.10,2003.10
[14] G.Bella. Inductive Verification of Cryptographic Protocols. A dissertation submitted for the degree of Doctor of Philosophy.March 2000
[15] M. Burrows, M. Abadi, and R. M. Needham. A Logic of Authentication.Proceedings of the Royal Society of London, 426:233-271, 1989.
[16] C. A. R. Hoare. Communicating Sequential Processes. Prentice-Hall, Englewood Clis, New Jersey, 1985.
[17] M.Bellare and P.Rogaway, Entity Authentication and Key Distributions-Three Party Case, Advances in Cryptology-Crypto'93,LNCS 773, Springer-Verlag, pp232-249,1994
[18] Horn G., Preneel B., Authentication and Payment in Future Mobile Systems. ComputerSecurity-ESORICS'98, Lecture Notes in Computer Science, 1485, 1998, pp. 277-293.
[19] Jaeseung Go, Kwangjo Kim. Wireless Authentication Protocol Preserving User Anonymity. SCIS 2001, Japan, January 23-26, 2001
[20] Chu-Hsing Lin. Hierarchical key assignment without public-key cryptography. Computer & Security, Vol.20, No.7,pp.612-619,2001
[21] M.Bellare, R.Canetti and H.Krawczyk, A modular approach to the design and analysis of authentication and key-exchange protocols, 30th STOS, March, 1998
[22] M.G.Rahman, H.Imai. Security in wireless communication. Wireless Personal Communications. Vol.22, No.2, August 2002, pp.213-228
[23] Z.J.TZENG, W.GTZENG. Authentication of Mobile Users in Third Generation Mobile System. Wireless Personal Communicatons, pp35-50, Vol 16,2001
[24] D. Alevras, M. Grotschel, P. Jonas, U. Paul, and R.Wessaly, Survivable Mobile Phone Network Architectures: Models and Solution Methods, IEEE Comm. Mag., pp.88-93, March, 1998.
[25] M.-F. Chang, Y.-B. Lin, and S.-C. Su, Improving the Fault Tolerance of GSM Networks, IEEE Network, pp. 58-63, Jan./Feb., 1998.
[26] P. Krishnamurthy, J. Kabara, Security architecture for wireless residential networks, Proc. VTC'2000, Boston, MA, September 2000.
[27] M.J. Beller, L.-F. Chang, Y. Yacobi, Privacy and authentication on a portable communications system, Proceedings of GLOBECOM'91, IEEE Press, New York, 1991, pp. 1922-1927.
[28] M.J. Beller, L.-F. Chang, Y. Yacobi, Security for personal communication services: public-key vs. private key approaches, Proceedings of Third IEEE International Symposium on Personal, Indoor and Mobile Radio Communications (PIMRC'92), IEEE Press, New York, 1992, pp. 26-31.
[29] M.J. Beller, L.-F. Chang, Y. Yacobi, Privacy and authentication on a portable communications system, IEEE Journal on Selected Areas in Communications 11 (1993) 821-829.
[30] M.J. Beller, Y. Yacobi, Fully-fledged two-way public key authentication and key agreement for low-cost terminals, Electronics Letters 29 (1993) 999-1001.
[31] U. Carlsen, Optimal privacy and authentication on a portable communications system, ACM Operating Systems Review 28 (3) (1994) 16-23.
[32] A. Aziz, W. Diffie, Privacy and authentication for wireless local area networks, IEEE Personal Communications 1 (1994)25-31.
[33] M. Tatebayashi, N. Matsuzaki, D.B. Newman Jr, Key distribution protocol for digital mobile communications systems, Advances in Cryptology-Crypto'89, Springer, Berlin, 1990, pp. 324-333.
[34] N. Asokan, Anonymity in a mobile computing environment, Proceedings of the Workshop on Mobile Computing Systems and Applications, Santa Cruz, December 1994, pp. 200-204. Also available online at http://www.semper.org/sirene/people/asokan/research/mobile94-ieee.ps.gz
[35] H.-Y. Lin, L. Harn, Authentication protocols for personal communication systems, Proceedings of SIGCOMM'95, 1995, pp. 256-261.
[36] C.-S. Park, On certificate-based security protocols for wireless mobile communications systems, IEEE Network September/October, 1997, pp. 50-55.
[37] C.Boyd, A.Mathuria. Key establishment protocol for secure mobile communication: a critical survey, Computer Communications 23, 2000, pp.575-587
[3
[38] ISO/IEC. Information Technology—Security Techniques—Entity Authentication Mechanisms—Part 2: Entity authentication using symmetric techniques, International Organization for Standardization and International Electro-technical Commission, 1993, ISO/IEC JTC 1/SC 27 N739 DIS 9798-2,1993-08-13
[39] Wedel. G., Kessler. V., Formal Semantics for Authentication Logics. Computer Security-ESOROCS 96, Springer LNCS 1146, 219-241.
[40] CCITT. CCITT draft recommendation X.509. The directory-authentication framework, Version 7, 1987.
[41] V.Kessler, G.Wedel. AUTLOG-An advanced logic of authentication, Computer Security Foundations Workshop Ⅶ, 1994. CSFW 7. Proceedings, 14-16 June 1994, PP:90-99
[42] 姬东耀,王育民.移动计算网络环境中的认证与小额支付协议.电子学报,第30卷第4期,2002年4月
[43] 陈恺,刘莹,肖国镇.移动通信系统中有效的身份认证方案和支付协议.通信学报,第23卷第3期,2002年3月
[44] M. Bellare and P. Rogaway. Provably secure session key distribution-the three party case. In Proceedings of the 27th ACM Symposium on the Theory of Computing, pages 57-66, May 1995.
[45] R. Canetti and H. Krawczyk. Analysis of key-exchange protocols and their use for building secure channels. In Advances in Cryptology-Eurocrypt 2001, volume 2045 of LNCS, pages 453-474. Springer-Verlag, 2001. Full version at http://eprint.iacr.org/2001/040.ps.
[46] Xinghua LI, Jianfeng MA, SangJae MOON. On the Security of the Canetti-Krawczyk Model, Submitted to ACM Transactions on Information and System Security.
[47] Y.S.T.Tin, H.Vasanta, etc. Protocol with Security Proofs for Mobile Applications. LNCS 3108, Springer-Verlag Heidelberg, 2004
[48] P.Ammann, S.Jajodia, C.D.McCollum, and B.T.Blaustein. Surviving information warfare attacks on database [A]. In proceedings of the IEEE Symposium on Security and Privacy [C], pp 164-174, Oakland,CA,May 1997
[49] Y.S.T. Tin, C.Boyd, J.G.Nieto. Provably Secure Key Exchange: An Engineering Approach. Proceedings of the Australasian information security workshop conference on ACSW frontiers 2003-Volume 21
[50] Wenbo Mao,Modern Cryptography: Theory and Practice. Prentice Hall PTR, 1st edition, July 25, 2003
[51] 赖晓龙,802.11无线局域网的安全技术,西安电子科技大学硕士论文,2004
[52] 李兴华,马建峰,文相在。基于身份密码系统下Canetti-Krawczyk模型的安全扩展.中国科学,E辑,信息科学,2004,34(1):1~13
[53] S.Cimato, P.D'Arco, I.Visconti. Anonymous Group Communication in Mobile Networks. ICTCS 2003, LNCS 2841, pp.316-328, 2003
[54] G.-H.Chiou, W.T.Chen. Secure broadcasting using the secure lock, IEEE Trans, on Software Engineering, Aug. 1989, vol. 15, pp. 929-934.
[55] HARNEY, H. AND MUCKENHIRN, C. 1997b. Group Key Management Protocol (GKMP) Architecture. RFC 2094.
[56] WONG, C. K., GOUDA, M. G, AND LAM, S. S. 2000.Secure group communications using key graphs. IEEE/ACM Trans. Netw. 8, 1 (Feb.), 16-30.
[57] WEILER, N. 2001. SEMSOMM-A scalable multiple encryption scheme for one-to-many multicast. In Proceedings of the 10th IEEE International WETICE Enterprises Security Workshop, (Cambridge, Mass., June). IEEE Computer Society Press, Los Alamitos, Calif.
[58] WONG, C. K., GOUDA, M. G, AND LAM, S. S. 2000. Secure group communications using key graphs. IEEE/ACM Trans. Netw. 8, 1 (Feb.), 16-30.
[59] S.RAFAELI, D.HUTCHISON. A Survey of Key Management for Secure Group Communication, ACM Computing Surveys, Vol.35, No..3. September 2003.
[60] MCGREW, D. A. AND SHERMAN, A. T. 1998. Key establishment in large dynamic groups using oneway function trees. Tech. Rep. No. 0755 (May), TIS Labs at Network Associates, Inc., Glenwood, Md.
[61] J.Staddon, S.Miner, M.Franklin, D.Balfanz, M.Malkin, D.Dean. Self-healing key distribution with revocation. In proc. of 2002 IEEE Symp. on Security and Privacy, PP 224-240,2002
[62] D.Liu, P.Ning, K.Sun. Efficient Self-healing Group Key Distribution with Revocation Capability. Proceedings of the 10th ACM conference on Computer and communication security, Washington D.C., USA, 2003
[63] J. Benaloh and M. de Mare. One-way accumulators: a decentralized alternative to digital signatures. In Advances in Cryptology EUROCRYPT 93, Proceedings of the Workshop on the Theory and Applications of Cryptographic Techniques, volume 765 of LNCS, 1993.
[64] Barua, R., R. Dutta, and P. Sarkar. Extending Joux's Protocol to Multi Party Key Agreement, in Indocrypt 2003.
[65] D. Nalla and K. C. Reddy, Identity Based Tripartite Authenticated Group Agreement Protocol, Proc. of Indocrypt'02, LNCS 2551, pp.215-233, Springer-Verlag, 2002.
[66] Barua. R., R. Dutta, and P. Sarkar, Provably Secure Authenticated Tree Based Group Key Agreement Protocol using"Pairing, http://eprint.iacr.org/2004/090.ps.gz. 2004
[67] R.J.Ellison, B.D.Fisher, R.Linger, et al. Survivable Network Systems: An Emerging Discipline. Technical Report CMU/SEI-97-TR-013, Software Engineering Institute, Carnegie Mellon University, November 1997
[68] Teresa Dahlberg, Sreenivas Ramaswamy, David Tipper. Survivability issues in wireless mobile networks. Proceedings of First International Workshop on Mobile and Wireless Communication Networks, Paris, France, May, 1997.
[69] 朱建明,史庭俊,马建峰.基于多代理的容忍入侵体系结构.计算机工程与应用.2003.4
[70] 王超,朱建明,马建峰.基于组件的软件系统可用性分析,西安电子科技大学学报,2004.5
[71] GUO Yuanbo, MA Jianfeng. Secret Sharing Scheme Realizing Generalized Adversary Structure. Journal of Computer Science and Technology. 2004.3
[72] GUO Yuanbo, MA Jianfeng.An Efficient and Robust Conference Key Distribution Protocol. The 2003 International Conference on Computer Networks and Mobile Computing. Shanghai China. October 20-23, 2003. IEEE Press
[73] ZHU Jianming, MA Jianfeng. Survivavility Model of Network System and Its Survivability Analysis. Proceedings of the International Symposium on Test and Measurement, v 2, 2003, p p1037-1042
[74] M.-F. Chang, Y.-B. Lin, and S.-C. Su, Improving the Fault Tolerance of GSM Networks, IEEE Network, pp. 58-63, Jan./Feb., 1998.
[75] N. Neves, and W. K. Fuchs, Adaptive Recovery for Mobile Environments, Comm. of the ACM, Vol. 40, No. 1, pp.68-74, Jan 1997.
[76] O.Goldreich. Secure Multi-Party Computation. Department of Computer Science and Applied Mathematics, Weizmann Institute of Science, Rehovot, Israel, 1. ledition, Sept 1998
[77] 朱建明,马建峰.基于容忍入侵的数据库安全体系结构.西安电子科技大学学报.2003.1
[78] Eugene H. Spafford and Diego Zamboni, Intrusion detection using autonomous Agents, Computer Networks, 34(4):547-570, October 2000.
[79] Gorodetski,V.,Kotenko,I.,Skormin,V. Integrated Multi-Agent Approach to Network Security Assurance: Models of Agents' Community. Information Security for Global Information Infrastructures, IFIP TCll Sixteenth Annual Working Conference on Information Security, Qing, S., Eloff J.H.P, Beijing, Chian (2000), pp291-300
[80] A.G.Pennington, J.D.Strunk, J.L.Griffin, etc. Storage-based Intrusion Detection: Watching storage activity for suspicious behavior. Proceeding of the 12~(th) USENIX Security Symposium Washington, DC. August 2003.
[81] P. Liu and S. Jajodia. Multi-phase damage con_nement in database systems for intrusion tolerance. In Proc. 14th IEEE Computer Security Foundations Workshop, pages 191-205,June 2001.
[82] P.Liu, P.Luenam. ODAM: An on-the-fly samage assessment and repair system for commercial database applications. In Proc. 15~(th) IFIP WG 11.3 Working Conference on Database and application Security.
[83] R.Ghost, G.Varghese. Fault-tolerant Mobile IP. Technical Report WUCS-98-11, Washington University, April 1998
[8
[84] JinHo Ahn, Sung-Gi Min, Chong-Sun Hwang. Scalable and efficient fault-tolerant protocol for mobility agents in mobile IP-based systems. Future Generation Computer Systems 18 (2002) pp613-625
[85] B.Bhargava, S.B.Kamisetty, S.K.Madria, Fault-tolerant authentication and Group Key Management in Mobile Computing, CERIAS Tech Report 2000-07
[86] V.Sawma, R.Probert. E-commerce authentication: An Effective Countermeasures Design Model, Sawma, proceedings of the International Conference on Enterprise Information Systems (ICEIS) conference, Apr. 23-26, 2003, Angers, France
[87] D.Samfat, R.Molva, N.Asokan. Untraceability in mobile networks, Proceeding of the First Annual International Conference on Mobile Computing and Networking, pp.26-36, 1995
[88] R. H. Deng, L. Gong, A. A. Lazar, and W. Wang, "Authenticated key distribution and secure broadcast using no conventional encryption: A unified approach based on block codes," Proc.IEEE Globecom'95, Nov. 1995.
[89] 李先贤,怀进鹏,刘旭东.群密钥分配的动态安全性及其方案.计算机学报,25(4),2002.4
[90] HARNEY, H. AND MUCKENHIRN, C. 1997b. Group Key Management Protocol (GKMP) Architecture.RFC 2094.
[91] J.Knight, K.J.Sullivan. On the definition of survivability, Technical Report CS-TR-33-00, University of Virginia, Department of Computer Science, 2000
[92] G.Bella. Inductive Verification of Cryptographic Protocols. A dissertation submitted for the degree of Doctor of Philosophy.March 2000
[93] Heintze N, Tygar, JD. A model for secure protocols and their composition. IEEE Transactions on Software Engineering, 1996, 22(1): 16~30.
[94] C. A. R. Hoare. Communicating Sequential Processes. Prentice-Hall, Englewood Clis, New Jersey, 1985.
[95] A.Datta, A.Derek, J.C.Mitchell. Secure Protocol Composition. Electronic Notes in Theoretical Computer Science 83 (2004), http://www.elsevier.nl/locate/entcs/volume83.html
[96] W. Diffie and M. Hellman. New directions in cryptography. IEEE Transactions on Information Theory, 22:644-654, 1976.
[97] G.R.Ranger, P.K.Khosla, M.Bakkaloglu, M.W. Bigfigg, G. R. Goodson, S. Oguz, V. Pandurangan, C. A. N. Soules, J. D. Strunk, and J. J. Wylie. Survivable storage systems[A]. In DARPA Information Survivability Conference and Exposition Ⅱ[C], pages 184-195. IEEE Computer Society, June 2001.
[98] P.Liu. Architecture for Intrusion Tolerant Database systems [A]. Proc. 18th Annual Computer Security Applications Conference [C], Dec 2002.
[99] Otway D, Rees O. Efficient and timely mutual authentication. Operating Systems Review, 1987,21(1):8~10.
[100] Miller SP, Neuman C, Schiller JI, Saltzer JH. Kerberos authentication and authorization system. Project Athena Technical Plan Section E.2.1, MIT, 1987.
[101] CCITT. CCITT draft recommendation X.509. The Directory-Authentication Framework, Version 7, 1987.
[102] C.Perkins. IP Mobility Support, RFC 2002, October 1996
[103] C.Perkins, D.B.Johnson. Route Optimization in Mobile IP, Mobile IP Working Group, Internet Draft, November 1997
[104] R. J. Ellison, D. A. Fisher, R. C. Linger, et al. Survivability: Protecting Your Critical Systems. IEEE Internet Computing, Vol. 3, No. 6: pp. 55-63, November/December 1999.
[105] N. R. Mead, R. Ellison, R. C. Linger, et al. Life-Cycle Models for Survivable Systems. Technical Report CMU/SEI-2002-TR-026, Software Engineering Institute, Carnegie Mellon University, Pittsburgh, PA15213, October 2002. http://www.sei.cmu.edu/pub/documents/ 02.reports/pdf/02tr026.pdf
[106] R. J. Ellison, D. A. Fisher, R. C. Linger, et al. An Approach to Survivable Systems. http://www.cert.org/easel/nato 1 .doc
[107] Howard F. Lipson, David A. Fisher. Survivability Blends Computer Security With Business Risk Management. March 2000. http://interactive.sei.cmu.edu/Columns/Security_Matters/2000/March/Security.mar00.pdf
[108] J.Millen, Local reconfiguration policies, 1999 IEEE Security and Privacy Symposium, IEEE Computer Society, 1999.
[109] SET Secure Electronic Transaction LLC, "SET Secure Electronic Transaction Specification", 1999, http://www.setco.org
[110] R.Hauser, M.Steiner, and M.Waidner, "Micro-payments based on iKP", Proc. Of the 14th Worldwide Congress on Computer and Communications Security Protection, pp. 67-82, 1996
[111] P.Wayner. Digital cash, Byte 19 (10), 126
[112] J.P.Boly, et al. The ESPRIT project CAFE-high security digital apyment system. Computer Security-ESOLICS'94, vol.875, Nov.
[113] J.Doggest, Electronic check project. Financial Services Technology Consortium (FSTC); http://macke.wiwi. hu-berlin/IMI/micropayments.html, 1995
[114] C.Neumann, GMedvinsky, Requirements for network payment-the NetCheque perspective. IEEE Compcon; 1995
[115] M.Peirce, Multi-Party Electronic Payments for Mobile Communications, A thesis submitted for the degree of Doctor of Philosophy in Computer Science University of Dublin, Trinity College Department of Computer Science October 31st, 2000
[116] S.Micali, R.L.Rivest, Micropayments Revisited, LNCS, Proceedings of the The Cryptographer's Track at the RSA Conference on Topics in Cryptology, 2002, pp. 149-163
[117] M.Lee, K.Kim, A Micro-payment System for Multiple-Shopping, The 2002 Symposium on Cryptography and Information Security Shirahama, Japan, Jan.29-Feb. 1,2002
[118] M. Manasse. The Millicent protocols for electronic commerce. In Proceedings of the 1st USENIX Workshop on Electronic Commerce, pp.117-23, New York, USA, July 1995.
[119] M. Bellare, J. Garay, R. Hauser, A. Herzberg, H. Krawczyk, M. Steiner, G. Tsudik, and M.Waidner. iKP - a family of secure electronic payment protocols. In Proceedings of the 1st USENIX Workshop on Electronic Commerce, pp.89-106, New York, USA, July 1995.
[120] M. Sirbu and J. Tygar. NetBill: an Internet commerce system optimized for networkdelivered services. IEEE Personal Communications, 2(4):34-39, August 1995.
[121] J. Stern and S. Vaudenay. SVP: a flexible micropayment scheme. In Financial Cryptography '97 Proceedings, pp. 161-71, Lecture Notes in Computer Science vol. 1318. Springer-Verlag, Berlin, 1997.
[122] R. Rivest and A. Shamir. Pay Word and MicroMint: two simple micropayment schemes. In Proceedings of the 4th Security Protocols International Workshop (Security Protocols), pp. 69-87, LNCS1189. Springer-Verlag, Berlin, 1996.
[123] L. Lamport. Password authentication with insecure communication. Communications of the ACM, 24(11):770-72, November 1981.
[124] Hwang M. S. ,Lin I. C. ,Li L. H, A simple micro-payment scheme, The journal of System and Software 55 (2001) 221-229
[125] CyberCoin. In Electronic payment systems [OPT97], pp. 181-182.
[126] D.Olivier. The Clickshare service. In Workshop on Internet Survey Methodology and Web Demographics, Massachusetts Institute of Technology, Cambridge, Massachusetts, January 1996.
[127] L. Tang. A set of protocols for micropayments in distributed systems. In Proceedings of the 1st USENIX Workshop on Electronic Commerce, pp.107-15, New York, July 1995.
[128] B. Cox, J. Tygar, and M. Sirbu. NetBill security and transaction protocol. In Proceedings of the 1st USENIX Workshop on Electronic Commerce, pp.77-88, New York, July 1995.
[129] P. Michon. Payment in electronic commerce. In Proceedings of the 8th Internet Society Conference on Internet Networking (INET'98), Geneva, Switzerland, July 1998.
[130] H. Beadle, R. Gonzalez, R. Safavi-Naini, and S. Bakhtiari. A review of Internet payments schemes. In Proceedings' of the Australian Telecommunication Networks and Applications Conference (ATNAC'96), pp.486-94, Melbourne, Australia, December 1996.
[131] X. Dai and B. Lo. Netpay - an efficient protocol for micropayments on the WWW. In Proceedings of the 5th Australian World Wide Web Conference (AusWeb'99), Southern Cross University, Lismore, Australia, April 1999.
[1
[132] Vijay Ahuja, Secure Commerce of the Internet, Academic Press, 1996.
[133] Park. D.G, Boyd C., Dawson Ed, Micropayment for Wireless Communications. http://gunther.smeal.psu.edu/context/125761/0
[134] G. Hanaoka, Y. Zheng, and H. Imai. LITESET: A lightweight secure electronic transaction protocol. In Proceedings of the 3rd Australasian Conference on Information Security and Privacy (ACISP'98), Lecture Notes in Computer Science vol. 1438. Springer-Verlag, Berlin, 1998. pp.215-26
[135] Ferreira. L.C., Dahab. R., A scheme for analyzing electronic payment system. 14~(th) Computer Security Applications Conference, 1998, pp. 137-146
[136] D. Wheeler. MicroMint extensions. Computer Laboratory, University of Cambridge, UK, November 1996.
[137] M. Blum. Coin flipping by telephone: a protocol for solving impossible problems. In Advances in Cryptology: A Report on CRYPTO 81, ECE Report 82-04, Dept. of Electrical and Computer Engineering, U. C. Santa Barbara, 1982. pp.11-15
[138] T. Pederson. Electronic payments of small amounts. In Proceedings of the 4th Security Protocols International Workshop (Security Protocols), LNCS1189. Springer-Verlag, Berlin, 1996. pp.59-68
[139] R. Hauser, M. Steiner, and M. Waidner. Micro-payments based on iKE In Proceedings of the 14th Worldwide Congress on Computer and Communications Security Protection, Paris, 1996. pp. 67-82.
[140] 朱建明,马建峰.一种高效的电子商务微支付方案,西安电子科技大学学报,2002增刊
[141] Y. Kim, A. Perrig, and G. Tsudik. Simple and fault-tolerant key agreement for dynamic collaborative groups. Technical Report 2, USC Technical Report 00-737, August 2000.