制造网格系统信息安全技术研究
|
摘要
制造网格是网格技术与先进制造技术结合的产物,是一个基于广域网络的分布式异构平台,由于它具有分布性、异构性、共享性、协同性等特点,与以往的网络应用环境以及网络化制造系统有很大的区别,因此它对信息安全也有新的要求。制造网格不仅会遇到通常Internet中的信息安全问题,如机密性、完整性、真实性、不可否认性、身份认证、访问控制、入侵检测等,同时由于制造系统自身具有多主体性、协同性、共同性、灵活性等特点,要保持这些特点与保证安全性要求之间存在着一定的矛盾与冲突。因此需要进一步研究制造网格中安全信任模型,基于分布式、异构的、动态变化的实体间的密钥协商方法,以及适用于分布式异构环境的具有特殊性质的数字签名方案。
本文分析了制造网格系统的安全特征和安全需求,综合应用现代密码理论和信息安全技术,对制造网格系统中的信息安全问题进行了深入的研究。主要研究成果如下:
分析了制造网格节点间信任关系的建立所涉及到的关键因素,建立了制造网格安全信任模型,把信任的概念建立在网格节点的身份信任和行为信任、计算能力、单元服务开销、先前的工作成功率、入侵检测和入侵抵抗能力的基础上;基于模糊数学中的模糊综合评判理论,提出了制造网格节点信任度综合评估算法,利用该算法可以比较全面地定量评估制造网格节点的信任度,从而建立节点间的信任关系。
研究了分布式、异构、动态变化的实体间的密钥协商问题。基于椭圆曲线密码体制,提出了两种适于制造网格环境的密钥协商协议。协议一是一种基于身份的可认证多方密钥的协商协议,不仅支持不同信任域之间的交互认证,而且不需要特殊的Hash函数,解决了一般基于身份的密码系统中必须具有公共可信PKG和特殊Hash函数的问题;协议二采用共享口令进化认证机制,每次密钥协商生成一个一次性的新口令,达到了既能减轻节点的计算量和存储负担,又能实现密钥认证的功能。
基于椭圆曲线密码体制,提出了一种分布式协同设计信息交换内容摘录签名方案和一种基于身份的广义指定验证者签名方案。基于二次剩余困难性问题,提出了一种适用于制造网格环境的多重数字签名方案。这些方案既能满足制造网格的共享性、协同性和开放性,又能满足协同信息的机密性、真实性、完整性和不可否认性;既能满足实体参与的灵活性,又能满足实体身份的真实性、机密性和不可否认性等安全要求,为制造网格环境中的消息认证和信息源认证,提供了有效的解决方案。基于有限域上的离散对数困难性问题,提出了一种新的基于证书的代理数字签名方案和基于身份的代理数字签名方案,为制造网格节点进行安全授权委托,保证单点登录的安全性提供了解决方案。
以关中区域网络化制造集成平台为背景,构造了关中区域制造网格体系结构框架和安全结构模型,为关中区域制造网格的实现,提供了有效的信息安全服务解决方案。
As the offspring of the grid technology combined with the advanced manufacture technology, the manufacturing grid is a distributed and heterogeneous platform based on wide area networks. It is different from both generic networks and the networked manufacturing systems, due to possessing various characteristics, such as distributed characteristics, heterogeneity, sharing, cooperativity, and so on. Therefore, it has special requests for information security technologies. Not only will the manufacturing grids be confronted with usual information security questions in internet, such as confidentiality, integrality, authenticity, non-repudiation, identity authentication, access control, intrusion detection , but also, the manufacturing grid systems possess inherent characteristics, such as multi-agent, cooperativity, intercommunity, flexibility, etc., lead to some contradictions and conflicts between keeping these characteristics and assureing information security. Therefore, there are urgent demands to explore the security trust model of the manufacturing grid, to research the key agreement methods among multi-entities that are distributed, heterogeneous, and dynamic change, to search special digital signature algorithms, which are applicable to the manufacturing grid systems.
In this doctoral dissertation, the security features and the security requirements of the manufacturing grid systems are analyzed, and the information security issues of the manufacturing grids are researched by making use of the advanced cryptography theory and information security technologies. The main research results are as follows:
The key factors that influence the trusting relationship establishment among manufacturing grid nodes are analyzed. A new manufacturing grid security trust model is proposed, and the concept of trust is established on the foundation of node’s identity trustworthiness and behavior trustworthiness, computing power, unit server cost, previous work success rate, intrusion detection and resistance capability. An integration evaluation algorithm is proposed based on fuzzy integration judgment theory. By making use of the algorithm, the trustworthiness among nodes can be evaluated comprehensively and quantitatively. Therefore, the thorny problem on the trusting relationship establishment among nodes can be solved.
The multi-party key agreement methods are researched, in which, multi-entities are distributed, heterogeneous, dynamic change, and belong to different trust domains. Two new key agreement protocols that are applicable to manufacturing grid systems are proposed based on elliptic curve cryptosystem. The protocol I is an ID-based authenticated multi-party keys agreement protocol. Contrasting with previous schemes, our protocol I provides mutual authentication approach for grid nodes that belong to different trust domains, also, it does not require special hash functions, which effectively solves the problem that exists in almost all existing ID-based key agreement protocols in which a trusted PKG and special hash functions must be need to provide identity authenticity. The protocol II employs shared password evolvement authentication mechanism, which generates a one-time password for every session. The protocol II not only provides end-to-end authenticity and confidentiality, but also saves network bandwidth and computational overhead.
A content extraction signature scheme and an ID-based universal designated-verifier signature scheme for distributed collaborative design are proposed based on elliptic curve cryptosystem. A digital multi-signature scheme is proposed based on the intractability of computing quadratic residues in finite fields. These schemes provide the functionality to ensure both the information sharing, cooperativity, openness, and confidentiality, authenticity, integrity, non-repudiation. Not only these schemes provide the flexibility for entities teamwork, but also satisfy the special security requires of the manufacturing grid users, which provide effectively solutions for message authentication and entity authentication in the manufacturing grid systems. A new delegation-by-certificate proxy signature scheme and a new ID-based proxy signature scheme are proposed based on the intractability of computing discrete logarithm in finite fields, which provide effectively solution for secure authorization entrusting and Single-Sign-On in manufacturing grid systems.
An architecture framework and a security solution architecture model for Guanzhong region manufacturing grid are constructed based on Guanzhong region networked manufacturing integrated platform. A workable and valuable information security solution model is presented for the implementation of Guanzhong region manufacturing grid system.
本文分析了制造网格系统的安全特征和安全需求,综合应用现代密码理论和信息安全技术,对制造网格系统中的信息安全问题进行了深入的研究。主要研究成果如下:
分析了制造网格节点间信任关系的建立所涉及到的关键因素,建立了制造网格安全信任模型,把信任的概念建立在网格节点的身份信任和行为信任、计算能力、单元服务开销、先前的工作成功率、入侵检测和入侵抵抗能力的基础上;基于模糊数学中的模糊综合评判理论,提出了制造网格节点信任度综合评估算法,利用该算法可以比较全面地定量评估制造网格节点的信任度,从而建立节点间的信任关系。
研究了分布式、异构、动态变化的实体间的密钥协商问题。基于椭圆曲线密码体制,提出了两种适于制造网格环境的密钥协商协议。协议一是一种基于身份的可认证多方密钥的协商协议,不仅支持不同信任域之间的交互认证,而且不需要特殊的Hash函数,解决了一般基于身份的密码系统中必须具有公共可信PKG和特殊Hash函数的问题;协议二采用共享口令进化认证机制,每次密钥协商生成一个一次性的新口令,达到了既能减轻节点的计算量和存储负担,又能实现密钥认证的功能。
基于椭圆曲线密码体制,提出了一种分布式协同设计信息交换内容摘录签名方案和一种基于身份的广义指定验证者签名方案。基于二次剩余困难性问题,提出了一种适用于制造网格环境的多重数字签名方案。这些方案既能满足制造网格的共享性、协同性和开放性,又能满足协同信息的机密性、真实性、完整性和不可否认性;既能满足实体参与的灵活性,又能满足实体身份的真实性、机密性和不可否认性等安全要求,为制造网格环境中的消息认证和信息源认证,提供了有效的解决方案。基于有限域上的离散对数困难性问题,提出了一种新的基于证书的代理数字签名方案和基于身份的代理数字签名方案,为制造网格节点进行安全授权委托,保证单点登录的安全性提供了解决方案。
以关中区域网络化制造集成平台为背景,构造了关中区域制造网格体系结构框架和安全结构模型,为关中区域制造网格的实现,提供了有效的信息安全服务解决方案。
As the offspring of the grid technology combined with the advanced manufacture technology, the manufacturing grid is a distributed and heterogeneous platform based on wide area networks. It is different from both generic networks and the networked manufacturing systems, due to possessing various characteristics, such as distributed characteristics, heterogeneity, sharing, cooperativity, and so on. Therefore, it has special requests for information security technologies. Not only will the manufacturing grids be confronted with usual information security questions in internet, such as confidentiality, integrality, authenticity, non-repudiation, identity authentication, access control, intrusion detection , but also, the manufacturing grid systems possess inherent characteristics, such as multi-agent, cooperativity, intercommunity, flexibility, etc., lead to some contradictions and conflicts between keeping these characteristics and assureing information security. Therefore, there are urgent demands to explore the security trust model of the manufacturing grid, to research the key agreement methods among multi-entities that are distributed, heterogeneous, and dynamic change, to search special digital signature algorithms, which are applicable to the manufacturing grid systems.
In this doctoral dissertation, the security features and the security requirements of the manufacturing grid systems are analyzed, and the information security issues of the manufacturing grids are researched by making use of the advanced cryptography theory and information security technologies. The main research results are as follows:
The key factors that influence the trusting relationship establishment among manufacturing grid nodes are analyzed. A new manufacturing grid security trust model is proposed, and the concept of trust is established on the foundation of node’s identity trustworthiness and behavior trustworthiness, computing power, unit server cost, previous work success rate, intrusion detection and resistance capability. An integration evaluation algorithm is proposed based on fuzzy integration judgment theory. By making use of the algorithm, the trustworthiness among nodes can be evaluated comprehensively and quantitatively. Therefore, the thorny problem on the trusting relationship establishment among nodes can be solved.
The multi-party key agreement methods are researched, in which, multi-entities are distributed, heterogeneous, dynamic change, and belong to different trust domains. Two new key agreement protocols that are applicable to manufacturing grid systems are proposed based on elliptic curve cryptosystem. The protocol I is an ID-based authenticated multi-party keys agreement protocol. Contrasting with previous schemes, our protocol I provides mutual authentication approach for grid nodes that belong to different trust domains, also, it does not require special hash functions, which effectively solves the problem that exists in almost all existing ID-based key agreement protocols in which a trusted PKG and special hash functions must be need to provide identity authenticity. The protocol II employs shared password evolvement authentication mechanism, which generates a one-time password for every session. The protocol II not only provides end-to-end authenticity and confidentiality, but also saves network bandwidth and computational overhead.
A content extraction signature scheme and an ID-based universal designated-verifier signature scheme for distributed collaborative design are proposed based on elliptic curve cryptosystem. A digital multi-signature scheme is proposed based on the intractability of computing quadratic residues in finite fields. These schemes provide the functionality to ensure both the information sharing, cooperativity, openness, and confidentiality, authenticity, integrity, non-repudiation. Not only these schemes provide the flexibility for entities teamwork, but also satisfy the special security requires of the manufacturing grid users, which provide effectively solutions for message authentication and entity authentication in the manufacturing grid systems. A new delegation-by-certificate proxy signature scheme and a new ID-based proxy signature scheme are proposed based on the intractability of computing discrete logarithm in finite fields, which provide effectively solution for secure authorization entrusting and Single-Sign-On in manufacturing grid systems.
An architecture framework and a security solution architecture model for Guanzhong region manufacturing grid are constructed based on Guanzhong region networked manufacturing integrated platform. A workable and valuable information security solution model is presented for the implementation of Guanzhong region manufacturing grid system.
引文
【1】范玉顺,刘非,祁国宁.网络化制造系统及其应用实践[M],北京:机械工业出版社,2003:16-26.
【2】杨叔子,吴波,胡春华,程涛.网络化制造与企业集成[J].中国机械工程,2000,11(2):45-49.
【3】江平宇.e-制造系统的实现方法与应用研究[J].计算机集成制造系统,2003,9(4):253-259.
【4】范玉顺.网络化制造的内涵与关键技术问题[J].计算机集成制造系统,2003,9(7):576-582.
【5】I.Foster,C.Kesselman.The Grid:Blueprint for a Future Computing Infrastructure[M].USA:Morgan Kaufmann, San Fransisco,CA,1999:3-21.
【6】M.Baker,R.Buyya,D.Laforenza.Grids and Grid Technologies for Wide-Area Distributed Computing[J]. Practice and Experience(SPE),2002,32(15):1437-1466.
【7】张立晴,范玉顺.网格技术及其在制造领域的应用[J].航空制造技术,2003,(2):32-37.
【8】Luis M.Camarinha-Matos,C.Pantoja-Lima.Towards an execution system for distributed business in a virtual enterprise[C].HPCN2000,LNCS1823.Heidelberg,Berlin:Springer-Verlag,2000:1009-1021.
【9】范玉顺.制造网格的概念与体系结构[J].航空制造技术.2005,(10):42-45.
【 10 】 Y.Fan, D.Zhao. Manufacturing grids:needs,concept,and architecture[C].GCC2003,LNCS3032. Heidelberg, Berlin:Springer-Verlag,2004:653-656
【11】刘丽兰.制造网格及其基于Qos的资源管理系统研究[D].上海:上海大学,2004:6-11.
【12】颜波,黄必清,郑力,肖田元.网格研究现状及其在制造业中的应用[J].计算机集成制造系统, 2004, 10(9):1021-1030.
【13】I.Foster,C.Kesselman. Globus: A Meta-computing Infrastructure Toolkit[J]. International Joumal of Supercomputer Applications. 1997,11(2):115-128.
【14】I.Foster,C.Kesselman. The Globus Project: A Status Report[C]. In Proceeding of the Heterogeneous Computing Workshop. IEEE Computer Society Press, 1998:4-18.
【 15 】 Xiao N. Grid technology is marching on business[EB/OL]. http://www.tech.sina.com.cn/it/ 2003-11-26/1625260838.html, 2003-11-26/2006-10-16.
【16】M.Koch, J.Ni,J.Lee. Introduction of e-Manufacturing[C]. Proceeding of International Conference on Frontiers on Design and Manufacturing- Dalian, China, 2002:6-12.
【17】黄琛,范玉顺.e-Manufacturing 的体系结构和实施方案研究[J].中国机械工程,2004,15(19): 1760-1764.
【18】徐志伟,李伟.织女星网格的体系结构研究[J].计算机研究与发展,2002,39(8):923-929.
【 19 】 陈 克 非 . 网 格安 全 的 若 干 问 题 [EB/OL]. http://cis.sjtu.edu.cn/personal/chenkefei/papers.htm, 2006-02-12/2006-10-21.
【20】李鑫,刘妍,陈克非.网格计算中的信任模型研究[J].计算机工程, 2005,31(3):64-66.
【21】Qiu R.G. Manufacturing grid: a next generation manufacturing model[C]. 2004 IEEE International Conference on Systems, Man and Cybernetics, The Hague, Netherlands, Volume 5, 2004:4667- 4672.
【22】房向明,杨寿保,郭磊涛,张蕾.网格计算系统的安全体系结构模型研究[J].计算机科学,2004,31(7): 63-65.
【23】C.Meyer,S.M.Matyas. Cryptography: A new Dimension in Computer Data Security[M]. National Defense Industry Press. 1988:11-59.
【24】H.Jin,D.Zou,H.Chen,J.Sun,S.Wu.Fault-Tolerant grid Architecture and Practice[J].Journal of Computer Science and Technology,2003,18(4):423-433.
【25】L.Chen,H.W.Lim,W.Mao. User-friendly Grid Security Architecture and Protocols[C]. Proceedings of the 13th International Workshop on Security Protocols 2005, Cambridge, UK, to appear. http://www.homepages.feis.herts.ac.uk/~strrjh/SP2005/schedule.html
【26】H.W.Lim,M.J.B. Robshaw. A Dynamic Key Infrastructure for GRID[C]. Proceedings of the European Grid Conference (EGC 2005), Amsterdam, The Netherlands, LNCS3470, Heidelberg,Berlin: Springer-Verlag, 2005:255-264.
【27】I.Foster,C.Kesselman,G.Tsudik,S.Tuecke. A Security Architecture for Computational Grids[C]. Proceedings of 5th ACM Conference on Computer and Communications Security, San Francisco, California,Association for Computing Machinery, 1998:83-92.
【28】R.Butler,D.Engert,I.Foster,C.Kesselman,S.Tuecke,J.Volmer,V.Welch. A National-Scale Authentication Infrastructure[J], IEEE Computer, 2000,33(12):60-66.
【 29 】 H.Cai,T.Yu,M.Fang,Y.Lei.Security solution to manufacturing grid usage scenarios[C]. CCGRID2005:638-643.
【30】Wu Yangdong, Qi Guoning, Xie Qingsheng, Gu Xinjian. Research on Architecture of Manufacturing Grid for Application Service Provider Mode[C]. Proceedings of the 2006 IEEE International Conference on Networking, Sensing and Control, ICNSC’06. Volume23-25, 2006:233-237.
【31】刘婷婷.网络化制造系统中安全体系结构及访问控制技术研究[D]. 南京:南京理工大学, 2004:3-5.
【32】W.Diffie,M.E.Hellman. New Directions in Cryptography[J]. IEEE Trans. Info. Theory, 1976, 22(11):644-654.
【33】C.E.Shannon. A mathematical theory of communication[J]. Bell System Technical Journal, 1948, 27(3):379-423.
【34】G.Caronni. Efficient Security for Large and Dynamic Groups[R]. Technical Report TIK Technical Report No.41. Computer Engineering and Networks Laboratory, Swiss Federal Institute of Technology, February, 1998.
【35】K.Becker,U.Wille. Communication complexity of group key distribution[C]. In proc.5th ACM Conference on Computer and Communications Security, San Francisco,CA USA, ACM Press.1998:1-6.
【36】Nam JY, Lee JW, Kim SJ, Won DH. DDH-Based group key agreement for mobile computing[EB/OL]. Cryptology ePrint Archive, Report 2004/127, 2004. http://eprint.iacr.org/2004/127,2004-05-29/2005-12-10.
【37】M.Burmester,Y.Desmedt. A secure and efficient conference key distribution system[C]. Advances in Cryptology-EUROCRYPT’94,LNCS950,Heidelberg,Berlin:Springer-Verlag,1995:275-286.
【38】G.Horng. An efficient and secure protocol for multi-party key establishment[J]. The Computer Journal, 2001,44(5):463-470.
【39】M.Aydos, B.Sunar, C.K.Koc. An elliptic curve cryptography based authentication and key agreement protocol for wireless communication[C]. 2nd International Workshop on Discrete Algorithms and Methods for Mobile Computing and Communications, Dallas,Texas, October 30,1998.
【 40 】 X.Du,Y.Wang,J.Ge,Y.Wang. An Improved ID-based Authenticated Group Key Agreement Scheme[EB/OL]. Cryptology ePrint Archive, Report 2003/260, http://eprint.iacr.org/2003/260,2003-12-17/ 2005-05-20.
【41】H.S.Dong, P.Seweeney. Simple authenticated key agreement algorithm[J]. Electron Letters. 1999, 35(13):1073-1074.
【42】B.T.Hsieh,H.M.Sun,T.Hwang. Cryptanalysis of enhancement for simple authentication key agreement algorithm[J]. Electronics Letters,2002,38(1):20-21.
【43】T.Kwon. Practical authenticated key agreement using passwords[EB/OL]. Information Security Conference, Palo Alto, CA, September 2004. http://dasan.sejong.ac.kr/~tkwon/research/tpamp_full.pdf, 2004-09-20/2004-10-16.
【44】隋爱芬,杨义先,钮心忻,罗守山.基于椭圆曲线密码的可认证密钥协商协议的研究[J].北京邮电大学学报, 2004,27(3):28-32.
【45】A.Shamir. Identity-Based Cryptosystems and Signature Schemes[C]. In Advances in Cryptology- CRYPTO'84, LNCS0193, Heidelberg,Berlin:Springer-Verlag,1984:47-53.
【46】D.Boneh and M. Franklin. Identity-Based Encryption from the Weil Pairing[C]. In Advances in Cryptology-CRYPTO 2001, LNCS2139, Heidelberg,Berlin:Springer-Verlag,2001:213-229.
【47】F.Zhang,X.Chen.Attack on an ID-based Authenticated Group Key Agreement Scheme from PKC 2004[J].Information Processing Letters, 2004,91(4):191-193.
【48】L.Chen,C.Kudla. Identity Based Authenticated Key Agreement from Pairings[EB/OL]. Cryptology ePrint Archive, Technology Rep:2002/184,2002.http://eprint.iacr.org/2002/184, 2002-11-28/ 2005-06-10.
【49】G.Xie. An ID-Based Key Agreement Scheme from pairing[EB/OL]. Cryptology ePrint Archive, Report 2005/093. .http://eprint.iacr.org/2005/093, 2005-05-22/2006-03-16.
【50】K.Hoeper, G.Gong. Bootstrapping Security in Mobile Ad Hoc Networks Using Identity-Based Schemes with Key Revocation[EB/OL].CACR 2006-04 Technical Reports.http://www.cacr.math. uwaterloo.ca/tech_reports.html, 2006-04-10/2006-12-15.
【51】H.W.Lim, M.J.B. Robshaw. On Identity-Based Cryptography and GRID Computing[C]. Proceedings of the 4th International Conference on Computational Science (ICCS2004), Heidelberg,Berlin:Springer- Verlag LNCS3036, 2004:474-477.
【52】W.Mao. An Identity-based Non-interactive Authentication Framework for Computational Grids[R]. HP Lab,Technical Report HPL-2004-96, June 2004. http://www.hpl.hp.com/techreports/2004/HPL-2004-96.pdf
【53】H.W.Lim, K.G.Paterson. Identity-Based Cryptography for Grid Security[C]. Proceedings of the 1st IEEE International Conference on e-Science and Grid Computing (e-Science 2005), Melbourne, Australia, IEEE Computer Society Press, 2005,395-404.
【54】H.W.Lim. On the Application of Identity-Based Cryptography in Grid Security[D].PhD Thesis, London:University of London, 2006:12-16.
【55】P.S.L.M.Barreto, H.Y.Kim, Fast hashing onto elliptic curves over fields of characteristic 3[EB/OL], Cryptology ePrint Archive, Report 2001/098. http://eprint.iacr.org/2001/098/.2001-11-15/2005-06-10.
【56】F.Zhang, X.Chen, W.Susilo,Y.Mu. A New Signature Scheme Without Random Oracles from Bilinear Pairings[EB/OL], cryptology ePrint Archive, Report 2005/386. http://eprint.iacr.org/2005/386, 2005-12-10/2006-10-12.
【57】F.Zhang, S.N.Reihaneh, W.Susilo. An Efficient Signature Scheme from Bilinear Pairings and Its Applications[C]. Public Key Cryptography 2004:277-290.
【58】王育民,刘建伟.通信网的安全-理论与技术[M]. 西安:西安电子科技大学出版社, 1999:265-265.
【 59 】 R.Rivest, A.Shamir, L.Adlman. A method for obtaining digital signatures and public-key cryptosystems[J]. Communications of ACM, 1978,21(2):120-126.
【60】B.Schneier. Applied Cryptography:Protocols,Algorithms,and Source Code[M].Peking:China Machine Press, 2000:36-490.
【61】D.E.Denning.Digital signatures with RSA and other public-key cryptosystems[J]. Communi- cations of the ACM, 1984,27(4):388-392.
【62】National Bureau of Standards, Digital signature standard[EB/OL]. FIPS Publication 186-2-DSS. Http://www.csrc.nist.gov/publications/fips/fips186-2/fips186-2-change1.pdf, 2000-01-27/2006-10-10.
【63】D.Johnson,A.Menezes. ANSI X9.62, Public Key Cryptography for the Financial Services Industry: The Elliptic Curve Digital Signature Algorithm (ECDSA)[EB/OL], http://grouper.ieee.org/groups/1363/ Research/Other.html#ANSI, 1999-09-01/2004-01-10.
【64】W.Mao.Modern Cryptography: Theory and Practice [M].北京:电子工业出版社,2004:55-362.
【65】M.Bellare,S.Miner. A forward-secure digital signature scheme[C]. CRYPTO'99, LNCS1666, Heidelberg,Berlin:Springer-Verlag,1999:431-448.
【66】D.Chaum. Blind signatures for untraceable payments[C]. Proceedings of the Advances in Cryptology-Crypto'82, Heidelberg,Berlin:Springer-Verlag, New York:Plenum Press,1983:199-203.
【 67】 D.Chaum, H.van Antwerpen. Undeniable signatures[C]. Proceedings of the Advances in CRYPTO'89, LNCS435, Heidelberg,Berlin:Springer-Verlag,1989:212-216.
【 68】 D.Chaum. Designated confirmer signatures[C]. Proceedings of the Advances in Cryptology (EUROCRYPT’94). LNCS950, Heidelberg,Berlin:Springer-Verlag, 1994:86-89.
【69】J.Camenisch, M.Michels. Confirmer signature schemes secure against adaptive adversaries[C]. Advances in Cryptography-EUROCRYPT2000.LNCS1807,Heidelberg,Berlin:Springer-Verlag,2000:243-258.
【70】Y.Desmedt. Society and group oriented cryptography: a new concept[C]. Advances in Crypto'87, LNCS293, Heidelberg,Berlin:Springer-Verlag,1988:120-127.
【 71】 D.Chaum, E.van Heyst. Group signatures[C]. Advances in EUROCRYPT'91, LNCS547, Heidelberg,Berlin:Springer-Verlag,1991:257-265.
【72】M.Mambo,K.Usuda,E.Okamoto. Proxy signature for delegating signing operation[C]. Proceedings of the 3th ACM Conference on Computer and Communications Security, New Dehli, India, ACM Press, New York,1996:48-57.
【 73 】 D.Boneh, B.Lynn,H.Shacham. Short signatures from the Weil pairing[C]. Advances in Asiacrypt2001, LNCS2248, Heidelberg,Berlin:Springer-Verlag, 2001:514-532.
【74】M.Abe, M.Ohkubo,K. Suzuki. 1-out-of-n signatures from a variety of keys[C]. Advances in ASIACRYPT2002, LNCS2501, Heidelberg,Berlin:Springer-Verlag,2002:415-432.
【75】R.Steinfeld,L.Bull,H.Wang,J.Pieprzyk.Universal designated-verifier signatures[C], Proceedings of the Advances in Asiacrypt 2003, LNCS2894, Heidelberg,Berlin:Springer-Verlag,2003:523-542.
【76】X.Huang, W.Susilo, Y.Mu,W.Wu. Universal Designated Verifier Signature without Delegatability[C]. Eighth International Conference on Information and Communications Security (ICICS '06), Raleigh, North Carolina, USA, LNCS4307, Heidelberg,Berlin:Springer-Verlage,2006:479-498.
【77】高曙明,何发智.分布式协同设计技术综述[J].计算机辅助设计与图形学学报,2004,16(2):149-157.
【78】孙林夫,面向网络化制造的协同设计技术[J].计算机集成制造系统,2005,11(1):1-6.
【79】哈进兵,胡文斌,严仰光.网络化协同制造系统中的信息安全研究现状[J].机械科学与技术,2004, 23(11):1382-1386.
【 80 】 F.Zhang,W.Susilo,Y.Mu,X.Chen.Identity-based Universal Designated Verifier Signatures[C], SecUbiq’05, LNCS3823, Heidelberg,Berlin:Springer-Verlag,2005:825-834.
【81】D.E.Denning, D.K.Branstad. A taxonomy of key escrow encryption systems[J]. Communications of the ACM,1996,39(3):34-40.
【82】R.Steinfeld, L.Bull, Y.Zheng. Content extraction signatures[C]. Proceedings ICICS 2001, LNCS2288, Heidelberg,Berlin:Springer-Verlag, 2002:285-304.
【83】L.Bull, P.Stanski, D.S.Mcg. Content Extraction Signatures using XML Digital Signatures and Custom Transforms On-Demand[C]. Proceedings of the 12th International World Wide Web Conference, Budapest, Hungary, ACM Press, 2003:170-177.
【84】L.Bull, D.S.Mcg, J.Newmarch. Grouping Verifiable Content for Selective Disclosure using XML Signatures[C], Proceedings of ACISP2003, Wollongong, Australia, LNCS2727, Heidelberg,Berlin:Springer- Verlag, 2003:1-12.
【85】K.Itakura,K.Nakamura. A public-key cryptosystem suitable for digital multisignature[J]. NEC Research and Development, 1983,71(10):1-8.
【86】T.Hardjono,Y.Zheng,A Practical Digital multisignature scheme based on Discrete Logarithms[C]. Advances in Cryptology- Proceedings of Auscrypt'92, Heidelberg,Berlin:Springer,1992:16-21.
【87】P.Horster,M.Michels,H.Petersen. Blind Multisignature schemes based on the discrete logarithm problem[C]. Proceedings of the 11th Annual Computer Security Applications Conference, New Orleans, IEEE Press,1995:149-155.
【 88 】 K.Ohta,T.Okamoto.Multi-signature schemes secure against active insider attacks[J]. IEICE Transactions of Fundamentals,1999,82-A(1):22-31.
【89】L.Harn, T.Kresler. New scheme for digital multisignatures[J]. Electronics Letters, 1990,25(15): 1002-1003.
【90】L.Harn. Group-oriented (t,n) threshold digitial signature scheme and digital multisignature[J]. IEE Proceedings of Computers and Digital Techniques, 1994,141(5):307-313.
【91】M.Burmester, Y.Desmedt, H.Doi, M.Mambo, E.Okamoto, M.Tada and Y.Yoshifuji. A structured ElGamal-type multisignature scheme[C]. Proceedings of Third International Workshop on Practice and Theory in Public Key Cryptosystems (PKC2000), Heidelberg,Berlin:Springer-Verlag, 2000:466-483.
【92】S.Micali, K.Ohta, L.Reyzin. Accountable-subgroup multisignatures[C]. Proceedings of the ACM Conference on Computer and Communications Security 2001 (CCS2001), ACM press, 2001:245-254.
【93】A.Boldyreva. Efficient threshold signature,multisignature and blind signature schemes based on the gap-Diffie-Hellman-group signature scheme[C]. Prceedings of PKC2003, LNCS2567, Heidelberg,Berlin: springer-Verlag,2003:31-46.
【94】C.Y.Lin, T.C.Wu and F.Zhang. A Structured Multisignature Scheme from the Gap Diffie-Hellman Group[EB/OL], Cryptology ePrint Archive, Report 2003/090. http://eprint.iacr.org/2003/090, 2003-05-06/ 2006-05-20.
【95】张键红,韦永壮,王育民. 基于RSA的多重数字签名[J]. 通讯学报, 2003,24(8):150-154.
【96】韩小西,王贵林,鲍丰,任奎.针对基于离散对数多重签名方案的一种攻击[J].计算机学报. 2004, 27(8):1147-1152.
【97】H.M.Sun, N.Y.Lee. T.Hwang. Threshold proxy signatures[J]. IEE Proceedings of Computers and Digital Techniques, 1999,146(5):259-263.
【98】X.Chen, F.Zhang, K.Kim. ID-based Multi-Proxy Signature and Blind Multisignature from Bilinear Pairings[C], Proceedings of KIISC conference 2003,Korea 2003:11-19.
【99】伊丽江,白国强,肖国镇.代理多重签名:一类新的代理签名方案[J].电子学报,2001,29(4):569-570.
【100】王晓明,符方伟.一种代理多重数字签名方案的安全分析[J].通信学报,2002,23(4):98-102.
【101】Shum K, Victor K W.A strong proxy signature scheme with proxy signer privacy protection[C]. Proceedings of the Eleventh IEEE International Workshops on Enabling Technologies:Infrastructure for Collaborative Enterprises(WETICE'02). Alamitos(CA,USA):IEEE Computer Society Press,2002:55-56.
【102】Li J G, Cao Z F, Zhang Y C. Non-repudiable proxy multi-signature schemes[J]. Computer Science and Technology, 2003,18(3):399-402.
【103】Sun H M. Design of time-stamped proxy signature with traceable receivers[C]. IEE Proceedings of Computers and Digital Techniques. London:IEE,2000,147(6):462-466.
【104】X.Huang, Y.Mu,W.Susilo.Short Designated Verifier Proxy Signature from Pairings[C]. EUC Workshops 2005, LNCS3823. Heidelberg,Berlin:Springer-Verlag,2005:835-844.
【105】李继国,曹珍富,李建中,张亦辰.代理签名的现状与进展[J].通信学报, 2003,24(10):114-124.
【106】李继国,曹珍富,张亦辰,李建中.代理多重签名方案的密码分析与修改[J].高技术通讯,2003, 13(4):1-5.
【107】V.Miller, Uses of elliptic curves in cryptography[C]. Advances in Cryptology CRYPTO’85, LNCS218, Heidelberg,Berlin:Springer-Verlag,1986:417-426.
【108】N.Koblitz. Elliptic Curve Cryptosystems[J]. Mathematics of Computation, 1987,48(17):203-209.
【109】Y.Yacobi. A note on the bilinear Diffie-Hellman assumption[EB/OL],IACR Cryptology ePrint Archive, Report 2002/113,2002. http://eprint.iacr.org/2002/113/, 2002-08-07/2005-5-25.
【 110 】 D.Boneh, M.Franklin, Identity-based encryption from the Weil pairings[C], Advances in Cryptology-Crypto2001, LNCS2139, Heidelberg,Berlin:Springer-Verlag, 2001:213-229.
【111】J.C.Cha, J.H.Cheon. An identity-based signature from gap Diffie-Hellman groups[C], Public Key Cryptography-PKC2003, LNCS2567, Heidelberg,Berlin:Springer-Verlag, 2003:18-30.
【112】J.H.Cheon,Y.Kim, H.J.Yoon. A New ID-based Signature with Batch Verification[EB/OL]. Cryptology ePrint Archive, Report 2004/131. http://eprint.iacr.org/2004/131,2004-05-31/2006-01-15.
【113】D.Boneh, C.Gentry, B.Lynn, H.Shacham. Aggregate and Verifiably Encrypted Signatures from Bilinear Maps[C]. Eurocrypt2003, LNCS2656, Heidelberg,Berlin:Springer-Verlag,2003:416-432.
【114】A.Joux. The Weil and Tate Pairings as Building Blocks for Public Key Cryptosystems[C]. Fifth Algorithmic Number Theory Symposium,LNCS2369,Heidelberg,Berlin:Springer-Verlag,2002:20-32.
【 115 】 M.Blaze,J.Feigenbaum,J.Lacy.Decentralized trust management[C].Proceedings of the 17th symposinmon security and privacy, IEEE Computer society press,1996:164-173.
【116】T.Beth, M.Borcherding, B.Klein. Valuation of trust in open system[C]. In D.Gollmann, editor, Computer Security,ESORICS’94,LNCS875, Heidelberg,Berlin:Springer-Verlag,1994:3-18.
【117】A.Abdul Rahman, S.Hailes. A distributed trust model[C]. Proceedings of the 1997 New Security Paradigms Work shop, Combria,UK,ACM Press,1997:48-60.
【118】T.Grandison and M. Sloman. A survey of trust in Internet applications[J], IEEE Communications Surveys & Tutorials,2000,3(4):2-16.
【119】T.Ryutov, C.Neuman, L.Zhou, Integrated Access Control and Intrusion Detection (IACID) Framework for Secure Grid Computing[R], USC Internet and Grid Computing Laboratory technical report, May 21, 2004. TR 2004-9, http://www.google.com
【120】F.Azzedin, M.Maheswaran. Evolving and Managing Trust in Grid Computing Systems[J]. Advanced in Canadian Conference on Electrical and Computer Engineering,IEEE CCECE 2002,(3):1424-1429.
【121】F.Azzedin, M.Maheswaran. Integrating Trust into Grid Resource Management Systems[C], Advanced in 2002 International Conference on Parallel Processing (ICPP 2002),2002:47-54.
【122】S.Song, K.Hwang, M.Macwan. Fuzzy Trust Integration for Security Enforcement in Grid Computing[C]. International Symposium on Network and Parallel Computing(NPC2004). Heidelberg, Berlin:Springer-Verlag, 2004:9-12.
【123】T.Okamoto,K.Harada,E.Okamoto. ID-Based Key Agreement Schemes using General Hash Function from Pairing [EB/OL]. The 2004 Workshop on Information Security Research. Available at http://www-kairo.csce. kyushu-u.ac.jp/WISR2004/presentation07.pdf, 2004-12-10/2005-06-10.
【124】K.Kurosawa, S.H.Heng. Identity-based identification without random oracles[EB/OL]. In ISH'2005, http://www.springerlink.com/index/RTWC06KJN7L2V682.pdf, 2006-03-10/2006-06-16.
【125】D.Pointcheval, J.Stern, Security arguments for digital signatures and blind signatures[J]. Journal of Cryptology,2000,13(3):361-396.
【126】M.Bellare. O.Goldreich. S.Goldwasser. Incremental Cryptography:The Case of Hashing and Signing[C]. CRYPTO’94, LNCS839, Heidelberg,Berlin:Springer-Verlag,1994:216-233.
【127】XML Core Working Group. XML-Signature Syntax and Processing[EB/OL].W3C Proposed Recommendation. August 20,2001. http://www.w3.org/TR/xmldsig-core. 2002-02-12/2006-5-20.
【128】A.Fiat. Batch RSA[C]. In CRYPTO’89,LNCS435.Heidelberg,Berlin:Springer-Verlag,1990:232-241.
【129】A.Shamir. On the generation of cryptographically strong pseudorandom sequences[J]. ACM Transactions on Computer Systems, 1983,1(1):38-44.
【130】D.Pointcheval, J.Stern. Security proofs for signature schemes[C]. Adcances in Cryptology- Proceedings of EUROCYPT’96, LNCS1070, Heidelberg,Berlin:Springer-Verlag,1996:387-398.
【131】X.Yi. An identity-based signature scheme from the Weil pairing[J],IEEE Communications Letters, 2003,7(2):76-78.
【132】Z.Tan, Z.Liu. Provably Secure Delegation-by-Certification Proxy Signature Schemes[EB/OL]. http://eprint.iacr.org/2004/148/,2004-07-24/2006-06-25.
【133】陈辉,王平.网格计算中的安全体系结构分析[J].计算机安全,2004,(2):15-16.
【134】黄家玮,费洪晓.网格安全问题及解决方案[J].现代计算机, 2004,21(12):32-35.
【135】R.Housley, W.Ford, W.Polk, D.Solo. Internet X.509 Public Key Infrastructure Certificate and CRL Profile. RFC2459[EB/OL], January 1999, Available at http://www.ietf.org/rfc/rfc2459.txt, 1999-03-01/2002-10-16.
【136】C.Adams, S.Farrell. Internet X.509 Public Key Infrastructure: Certificate Management Protocols. RFC2510[EB/OL],March 1999, Available at http://www.ietf.org/rfc/rfc2510.txt,1999-03-28/2002-10-16.
【2】杨叔子,吴波,胡春华,程涛.网络化制造与企业集成[J].中国机械工程,2000,11(2):45-49.
【3】江平宇.e-制造系统的实现方法与应用研究[J].计算机集成制造系统,2003,9(4):253-259.
【4】范玉顺.网络化制造的内涵与关键技术问题[J].计算机集成制造系统,2003,9(7):576-582.
【5】I.Foster,C.Kesselman.The Grid:Blueprint for a Future Computing Infrastructure[M].USA:Morgan Kaufmann, San Fransisco,CA,1999:3-21.
【6】M.Baker,R.Buyya,D.Laforenza.Grids and Grid Technologies for Wide-Area Distributed Computing[J]. Practice and Experience(SPE),2002,32(15):1437-1466.
【7】张立晴,范玉顺.网格技术及其在制造领域的应用[J].航空制造技术,2003,(2):32-37.
【8】Luis M.Camarinha-Matos,C.Pantoja-Lima.Towards an execution system for distributed business in a virtual enterprise[C].HPCN2000,LNCS1823.Heidelberg,Berlin:Springer-Verlag,2000:1009-1021.
【9】范玉顺.制造网格的概念与体系结构[J].航空制造技术.2005,(10):42-45.
【 10 】 Y.Fan, D.Zhao. Manufacturing grids:needs,concept,and architecture[C].GCC2003,LNCS3032. Heidelberg, Berlin:Springer-Verlag,2004:653-656
【11】刘丽兰.制造网格及其基于Qos的资源管理系统研究[D].上海:上海大学,2004:6-11.
【12】颜波,黄必清,郑力,肖田元.网格研究现状及其在制造业中的应用[J].计算机集成制造系统, 2004, 10(9):1021-1030.
【13】I.Foster,C.Kesselman. Globus: A Meta-computing Infrastructure Toolkit[J]. International Joumal of Supercomputer Applications. 1997,11(2):115-128.
【14】I.Foster,C.Kesselman. The Globus Project: A Status Report[C]. In Proceeding of the Heterogeneous Computing Workshop. IEEE Computer Society Press, 1998:4-18.
【 15 】 Xiao N. Grid technology is marching on business[EB/OL]. http://www.tech.sina.com.cn/it/ 2003-11-26/1625260838.html, 2003-11-26/2006-10-16.
【16】M.Koch, J.Ni,J.Lee. Introduction of e-Manufacturing[C]. Proceeding of International Conference on Frontiers on Design and Manufacturing- Dalian, China, 2002:6-12.
【17】黄琛,范玉顺.e-Manufacturing 的体系结构和实施方案研究[J].中国机械工程,2004,15(19): 1760-1764.
【18】徐志伟,李伟.织女星网格的体系结构研究[J].计算机研究与发展,2002,39(8):923-929.
【 19 】 陈 克 非 . 网 格安 全 的 若 干 问 题 [EB/OL]. http://cis.sjtu.edu.cn/personal/chenkefei/papers.htm, 2006-02-12/2006-10-21.
【20】李鑫,刘妍,陈克非.网格计算中的信任模型研究[J].计算机工程, 2005,31(3):64-66.
【21】Qiu R.G. Manufacturing grid: a next generation manufacturing model[C]. 2004 IEEE International Conference on Systems, Man and Cybernetics, The Hague, Netherlands, Volume 5, 2004:4667- 4672.
【22】房向明,杨寿保,郭磊涛,张蕾.网格计算系统的安全体系结构模型研究[J].计算机科学,2004,31(7): 63-65.
【23】C.Meyer,S.M.Matyas. Cryptography: A new Dimension in Computer Data Security[M]. National Defense Industry Press. 1988:11-59.
【24】H.Jin,D.Zou,H.Chen,J.Sun,S.Wu.Fault-Tolerant grid Architecture and Practice[J].Journal of Computer Science and Technology,2003,18(4):423-433.
【25】L.Chen,H.W.Lim,W.Mao. User-friendly Grid Security Architecture and Protocols[C]. Proceedings of the 13th International Workshop on Security Protocols 2005, Cambridge, UK, to appear. http://www.homepages.feis.herts.ac.uk/~strrjh/SP2005/schedule.html
【26】H.W.Lim,M.J.B. Robshaw. A Dynamic Key Infrastructure for GRID[C]. Proceedings of the European Grid Conference (EGC 2005), Amsterdam, The Netherlands, LNCS3470, Heidelberg,Berlin: Springer-Verlag, 2005:255-264.
【27】I.Foster,C.Kesselman,G.Tsudik,S.Tuecke. A Security Architecture for Computational Grids[C]. Proceedings of 5th ACM Conference on Computer and Communications Security, San Francisco, California,Association for Computing Machinery, 1998:83-92.
【28】R.Butler,D.Engert,I.Foster,C.Kesselman,S.Tuecke,J.Volmer,V.Welch. A National-Scale Authentication Infrastructure[J], IEEE Computer, 2000,33(12):60-66.
【 29 】 H.Cai,T.Yu,M.Fang,Y.Lei.Security solution to manufacturing grid usage scenarios[C]. CCGRID2005:638-643.
【30】Wu Yangdong, Qi Guoning, Xie Qingsheng, Gu Xinjian. Research on Architecture of Manufacturing Grid for Application Service Provider Mode[C]. Proceedings of the 2006 IEEE International Conference on Networking, Sensing and Control, ICNSC’06. Volume23-25, 2006:233-237.
【31】刘婷婷.网络化制造系统中安全体系结构及访问控制技术研究[D]. 南京:南京理工大学, 2004:3-5.
【32】W.Diffie,M.E.Hellman. New Directions in Cryptography[J]. IEEE Trans. Info. Theory, 1976, 22(11):644-654.
【33】C.E.Shannon. A mathematical theory of communication[J]. Bell System Technical Journal, 1948, 27(3):379-423.
【34】G.Caronni. Efficient Security for Large and Dynamic Groups[R]. Technical Report TIK Technical Report No.41. Computer Engineering and Networks Laboratory, Swiss Federal Institute of Technology, February, 1998.
【35】K.Becker,U.Wille. Communication complexity of group key distribution[C]. In proc.5th ACM Conference on Computer and Communications Security, San Francisco,CA USA, ACM Press.1998:1-6.
【36】Nam JY, Lee JW, Kim SJ, Won DH. DDH-Based group key agreement for mobile computing[EB/OL]. Cryptology ePrint Archive, Report 2004/127, 2004. http://eprint.iacr.org/2004/127,2004-05-29/2005-12-10.
【37】M.Burmester,Y.Desmedt. A secure and efficient conference key distribution system[C]. Advances in Cryptology-EUROCRYPT’94,LNCS950,Heidelberg,Berlin:Springer-Verlag,1995:275-286.
【38】G.Horng. An efficient and secure protocol for multi-party key establishment[J]. The Computer Journal, 2001,44(5):463-470.
【39】M.Aydos, B.Sunar, C.K.Koc. An elliptic curve cryptography based authentication and key agreement protocol for wireless communication[C]. 2nd International Workshop on Discrete Algorithms and Methods for Mobile Computing and Communications, Dallas,Texas, October 30,1998.
【 40 】 X.Du,Y.Wang,J.Ge,Y.Wang. An Improved ID-based Authenticated Group Key Agreement Scheme[EB/OL]. Cryptology ePrint Archive, Report 2003/260, http://eprint.iacr.org/2003/260,2003-12-17/ 2005-05-20.
【41】H.S.Dong, P.Seweeney. Simple authenticated key agreement algorithm[J]. Electron Letters. 1999, 35(13):1073-1074.
【42】B.T.Hsieh,H.M.Sun,T.Hwang. Cryptanalysis of enhancement for simple authentication key agreement algorithm[J]. Electronics Letters,2002,38(1):20-21.
【43】T.Kwon. Practical authenticated key agreement using passwords[EB/OL]. Information Security Conference, Palo Alto, CA, September 2004. http://dasan.sejong.ac.kr/~tkwon/research/tpamp_full.pdf, 2004-09-20/2004-10-16.
【44】隋爱芬,杨义先,钮心忻,罗守山.基于椭圆曲线密码的可认证密钥协商协议的研究[J].北京邮电大学学报, 2004,27(3):28-32.
【45】A.Shamir. Identity-Based Cryptosystems and Signature Schemes[C]. In Advances in Cryptology- CRYPTO'84, LNCS0193, Heidelberg,Berlin:Springer-Verlag,1984:47-53.
【46】D.Boneh and M. Franklin. Identity-Based Encryption from the Weil Pairing[C]. In Advances in Cryptology-CRYPTO 2001, LNCS2139, Heidelberg,Berlin:Springer-Verlag,2001:213-229.
【47】F.Zhang,X.Chen.Attack on an ID-based Authenticated Group Key Agreement Scheme from PKC 2004[J].Information Processing Letters, 2004,91(4):191-193.
【48】L.Chen,C.Kudla. Identity Based Authenticated Key Agreement from Pairings[EB/OL]. Cryptology ePrint Archive, Technology Rep:2002/184,2002.http://eprint.iacr.org/2002/184, 2002-11-28/ 2005-06-10.
【49】G.Xie. An ID-Based Key Agreement Scheme from pairing[EB/OL]. Cryptology ePrint Archive, Report 2005/093. .http://eprint.iacr.org/2005/093, 2005-05-22/2006-03-16.
【50】K.Hoeper, G.Gong. Bootstrapping Security in Mobile Ad Hoc Networks Using Identity-Based Schemes with Key Revocation[EB/OL].CACR 2006-04 Technical Reports.http://www.cacr.math. uwaterloo.ca/tech_reports.html, 2006-04-10/2006-12-15.
【51】H.W.Lim, M.J.B. Robshaw. On Identity-Based Cryptography and GRID Computing[C]. Proceedings of the 4th International Conference on Computational Science (ICCS2004), Heidelberg,Berlin:Springer- Verlag LNCS3036, 2004:474-477.
【52】W.Mao. An Identity-based Non-interactive Authentication Framework for Computational Grids[R]. HP Lab,Technical Report HPL-2004-96, June 2004. http://www.hpl.hp.com/techreports/2004/HPL-2004-96.pdf
【53】H.W.Lim, K.G.Paterson. Identity-Based Cryptography for Grid Security[C]. Proceedings of the 1st IEEE International Conference on e-Science and Grid Computing (e-Science 2005), Melbourne, Australia, IEEE Computer Society Press, 2005,395-404.
【54】H.W.Lim. On the Application of Identity-Based Cryptography in Grid Security[D].PhD Thesis, London:University of London, 2006:12-16.
【55】P.S.L.M.Barreto, H.Y.Kim, Fast hashing onto elliptic curves over fields of characteristic 3[EB/OL], Cryptology ePrint Archive, Report 2001/098. http://eprint.iacr.org/2001/098/.2001-11-15/2005-06-10.
【56】F.Zhang, X.Chen, W.Susilo,Y.Mu. A New Signature Scheme Without Random Oracles from Bilinear Pairings[EB/OL], cryptology ePrint Archive, Report 2005/386. http://eprint.iacr.org/2005/386, 2005-12-10/2006-10-12.
【57】F.Zhang, S.N.Reihaneh, W.Susilo. An Efficient Signature Scheme from Bilinear Pairings and Its Applications[C]. Public Key Cryptography 2004:277-290.
【58】王育民,刘建伟.通信网的安全-理论与技术[M]. 西安:西安电子科技大学出版社, 1999:265-265.
【 59 】 R.Rivest, A.Shamir, L.Adlman. A method for obtaining digital signatures and public-key cryptosystems[J]. Communications of ACM, 1978,21(2):120-126.
【60】B.Schneier. Applied Cryptography:Protocols,Algorithms,and Source Code[M].Peking:China Machine Press, 2000:36-490.
【61】D.E.Denning.Digital signatures with RSA and other public-key cryptosystems[J]. Communi- cations of the ACM, 1984,27(4):388-392.
【62】National Bureau of Standards, Digital signature standard[EB/OL]. FIPS Publication 186-2-DSS. Http://www.csrc.nist.gov/publications/fips/fips186-2/fips186-2-change1.pdf, 2000-01-27/2006-10-10.
【63】D.Johnson,A.Menezes. ANSI X9.62, Public Key Cryptography for the Financial Services Industry: The Elliptic Curve Digital Signature Algorithm (ECDSA)[EB/OL], http://grouper.ieee.org/groups/1363/ Research/Other.html#ANSI, 1999-09-01/2004-01-10.
【64】W.Mao.Modern Cryptography: Theory and Practice [M].北京:电子工业出版社,2004:55-362.
【65】M.Bellare,S.Miner. A forward-secure digital signature scheme[C]. CRYPTO'99, LNCS1666, Heidelberg,Berlin:Springer-Verlag,1999:431-448.
【66】D.Chaum. Blind signatures for untraceable payments[C]. Proceedings of the Advances in Cryptology-Crypto'82, Heidelberg,Berlin:Springer-Verlag, New York:Plenum Press,1983:199-203.
【 67】 D.Chaum, H.van Antwerpen. Undeniable signatures[C]. Proceedings of the Advances in CRYPTO'89, LNCS435, Heidelberg,Berlin:Springer-Verlag,1989:212-216.
【 68】 D.Chaum. Designated confirmer signatures[C]. Proceedings of the Advances in Cryptology (EUROCRYPT’94). LNCS950, Heidelberg,Berlin:Springer-Verlag, 1994:86-89.
【69】J.Camenisch, M.Michels. Confirmer signature schemes secure against adaptive adversaries[C]. Advances in Cryptography-EUROCRYPT2000.LNCS1807,Heidelberg,Berlin:Springer-Verlag,2000:243-258.
【70】Y.Desmedt. Society and group oriented cryptography: a new concept[C]. Advances in Crypto'87, LNCS293, Heidelberg,Berlin:Springer-Verlag,1988:120-127.
【 71】 D.Chaum, E.van Heyst. Group signatures[C]. Advances in EUROCRYPT'91, LNCS547, Heidelberg,Berlin:Springer-Verlag,1991:257-265.
【72】M.Mambo,K.Usuda,E.Okamoto. Proxy signature for delegating signing operation[C]. Proceedings of the 3th ACM Conference on Computer and Communications Security, New Dehli, India, ACM Press, New York,1996:48-57.
【 73 】 D.Boneh, B.Lynn,H.Shacham. Short signatures from the Weil pairing[C]. Advances in Asiacrypt2001, LNCS2248, Heidelberg,Berlin:Springer-Verlag, 2001:514-532.
【74】M.Abe, M.Ohkubo,K. Suzuki. 1-out-of-n signatures from a variety of keys[C]. Advances in ASIACRYPT2002, LNCS2501, Heidelberg,Berlin:Springer-Verlag,2002:415-432.
【75】R.Steinfeld,L.Bull,H.Wang,J.Pieprzyk.Universal designated-verifier signatures[C], Proceedings of the Advances in Asiacrypt 2003, LNCS2894, Heidelberg,Berlin:Springer-Verlag,2003:523-542.
【76】X.Huang, W.Susilo, Y.Mu,W.Wu. Universal Designated Verifier Signature without Delegatability[C]. Eighth International Conference on Information and Communications Security (ICICS '06), Raleigh, North Carolina, USA, LNCS4307, Heidelberg,Berlin:Springer-Verlage,2006:479-498.
【77】高曙明,何发智.分布式协同设计技术综述[J].计算机辅助设计与图形学学报,2004,16(2):149-157.
【78】孙林夫,面向网络化制造的协同设计技术[J].计算机集成制造系统,2005,11(1):1-6.
【79】哈进兵,胡文斌,严仰光.网络化协同制造系统中的信息安全研究现状[J].机械科学与技术,2004, 23(11):1382-1386.
【 80 】 F.Zhang,W.Susilo,Y.Mu,X.Chen.Identity-based Universal Designated Verifier Signatures[C], SecUbiq’05, LNCS3823, Heidelberg,Berlin:Springer-Verlag,2005:825-834.
【81】D.E.Denning, D.K.Branstad. A taxonomy of key escrow encryption systems[J]. Communications of the ACM,1996,39(3):34-40.
【82】R.Steinfeld, L.Bull, Y.Zheng. Content extraction signatures[C]. Proceedings ICICS 2001, LNCS2288, Heidelberg,Berlin:Springer-Verlag, 2002:285-304.
【83】L.Bull, P.Stanski, D.S.Mcg. Content Extraction Signatures using XML Digital Signatures and Custom Transforms On-Demand[C]. Proceedings of the 12th International World Wide Web Conference, Budapest, Hungary, ACM Press, 2003:170-177.
【84】L.Bull, D.S.Mcg, J.Newmarch. Grouping Verifiable Content for Selective Disclosure using XML Signatures[C], Proceedings of ACISP2003, Wollongong, Australia, LNCS2727, Heidelberg,Berlin:Springer- Verlag, 2003:1-12.
【85】K.Itakura,K.Nakamura. A public-key cryptosystem suitable for digital multisignature[J]. NEC Research and Development, 1983,71(10):1-8.
【86】T.Hardjono,Y.Zheng,A Practical Digital multisignature scheme based on Discrete Logarithms[C]. Advances in Cryptology- Proceedings of Auscrypt'92, Heidelberg,Berlin:Springer,1992:16-21.
【87】P.Horster,M.Michels,H.Petersen. Blind Multisignature schemes based on the discrete logarithm problem[C]. Proceedings of the 11th Annual Computer Security Applications Conference, New Orleans, IEEE Press,1995:149-155.
【 88 】 K.Ohta,T.Okamoto.Multi-signature schemes secure against active insider attacks[J]. IEICE Transactions of Fundamentals,1999,82-A(1):22-31.
【89】L.Harn, T.Kresler. New scheme for digital multisignatures[J]. Electronics Letters, 1990,25(15): 1002-1003.
【90】L.Harn. Group-oriented (t,n) threshold digitial signature scheme and digital multisignature[J]. IEE Proceedings of Computers and Digital Techniques, 1994,141(5):307-313.
【91】M.Burmester, Y.Desmedt, H.Doi, M.Mambo, E.Okamoto, M.Tada and Y.Yoshifuji. A structured ElGamal-type multisignature scheme[C]. Proceedings of Third International Workshop on Practice and Theory in Public Key Cryptosystems (PKC2000), Heidelberg,Berlin:Springer-Verlag, 2000:466-483.
【92】S.Micali, K.Ohta, L.Reyzin. Accountable-subgroup multisignatures[C]. Proceedings of the ACM Conference on Computer and Communications Security 2001 (CCS2001), ACM press, 2001:245-254.
【93】A.Boldyreva. Efficient threshold signature,multisignature and blind signature schemes based on the gap-Diffie-Hellman-group signature scheme[C]. Prceedings of PKC2003, LNCS2567, Heidelberg,Berlin: springer-Verlag,2003:31-46.
【94】C.Y.Lin, T.C.Wu and F.Zhang. A Structured Multisignature Scheme from the Gap Diffie-Hellman Group[EB/OL], Cryptology ePrint Archive, Report 2003/090. http://eprint.iacr.org/2003/090, 2003-05-06/ 2006-05-20.
【95】张键红,韦永壮,王育民. 基于RSA的多重数字签名[J]. 通讯学报, 2003,24(8):150-154.
【96】韩小西,王贵林,鲍丰,任奎.针对基于离散对数多重签名方案的一种攻击[J].计算机学报. 2004, 27(8):1147-1152.
【97】H.M.Sun, N.Y.Lee. T.Hwang. Threshold proxy signatures[J]. IEE Proceedings of Computers and Digital Techniques, 1999,146(5):259-263.
【98】X.Chen, F.Zhang, K.Kim. ID-based Multi-Proxy Signature and Blind Multisignature from Bilinear Pairings[C], Proceedings of KIISC conference 2003,Korea 2003:11-19.
【99】伊丽江,白国强,肖国镇.代理多重签名:一类新的代理签名方案[J].电子学报,2001,29(4):569-570.
【100】王晓明,符方伟.一种代理多重数字签名方案的安全分析[J].通信学报,2002,23(4):98-102.
【101】Shum K, Victor K W.A strong proxy signature scheme with proxy signer privacy protection[C]. Proceedings of the Eleventh IEEE International Workshops on Enabling Technologies:Infrastructure for Collaborative Enterprises(WETICE'02). Alamitos(CA,USA):IEEE Computer Society Press,2002:55-56.
【102】Li J G, Cao Z F, Zhang Y C. Non-repudiable proxy multi-signature schemes[J]. Computer Science and Technology, 2003,18(3):399-402.
【103】Sun H M. Design of time-stamped proxy signature with traceable receivers[C]. IEE Proceedings of Computers and Digital Techniques. London:IEE,2000,147(6):462-466.
【104】X.Huang, Y.Mu,W.Susilo.Short Designated Verifier Proxy Signature from Pairings[C]. EUC Workshops 2005, LNCS3823. Heidelberg,Berlin:Springer-Verlag,2005:835-844.
【105】李继国,曹珍富,李建中,张亦辰.代理签名的现状与进展[J].通信学报, 2003,24(10):114-124.
【106】李继国,曹珍富,张亦辰,李建中.代理多重签名方案的密码分析与修改[J].高技术通讯,2003, 13(4):1-5.
【107】V.Miller, Uses of elliptic curves in cryptography[C]. Advances in Cryptology CRYPTO’85, LNCS218, Heidelberg,Berlin:Springer-Verlag,1986:417-426.
【108】N.Koblitz. Elliptic Curve Cryptosystems[J]. Mathematics of Computation, 1987,48(17):203-209.
【109】Y.Yacobi. A note on the bilinear Diffie-Hellman assumption[EB/OL],IACR Cryptology ePrint Archive, Report 2002/113,2002. http://eprint.iacr.org/2002/113/, 2002-08-07/2005-5-25.
【 110 】 D.Boneh, M.Franklin, Identity-based encryption from the Weil pairings[C], Advances in Cryptology-Crypto2001, LNCS2139, Heidelberg,Berlin:Springer-Verlag, 2001:213-229.
【111】J.C.Cha, J.H.Cheon. An identity-based signature from gap Diffie-Hellman groups[C], Public Key Cryptography-PKC2003, LNCS2567, Heidelberg,Berlin:Springer-Verlag, 2003:18-30.
【112】J.H.Cheon,Y.Kim, H.J.Yoon. A New ID-based Signature with Batch Verification[EB/OL]. Cryptology ePrint Archive, Report 2004/131. http://eprint.iacr.org/2004/131,2004-05-31/2006-01-15.
【113】D.Boneh, C.Gentry, B.Lynn, H.Shacham. Aggregate and Verifiably Encrypted Signatures from Bilinear Maps[C]. Eurocrypt2003, LNCS2656, Heidelberg,Berlin:Springer-Verlag,2003:416-432.
【114】A.Joux. The Weil and Tate Pairings as Building Blocks for Public Key Cryptosystems[C]. Fifth Algorithmic Number Theory Symposium,LNCS2369,Heidelberg,Berlin:Springer-Verlag,2002:20-32.
【 115 】 M.Blaze,J.Feigenbaum,J.Lacy.Decentralized trust management[C].Proceedings of the 17th symposinmon security and privacy, IEEE Computer society press,1996:164-173.
【116】T.Beth, M.Borcherding, B.Klein. Valuation of trust in open system[C]. In D.Gollmann, editor, Computer Security,ESORICS’94,LNCS875, Heidelberg,Berlin:Springer-Verlag,1994:3-18.
【117】A.Abdul Rahman, S.Hailes. A distributed trust model[C]. Proceedings of the 1997 New Security Paradigms Work shop, Combria,UK,ACM Press,1997:48-60.
【118】T.Grandison and M. Sloman. A survey of trust in Internet applications[J], IEEE Communications Surveys & Tutorials,2000,3(4):2-16.
【119】T.Ryutov, C.Neuman, L.Zhou, Integrated Access Control and Intrusion Detection (IACID) Framework for Secure Grid Computing[R], USC Internet and Grid Computing Laboratory technical report, May 21, 2004. TR 2004-9, http://www.google.com
【120】F.Azzedin, M.Maheswaran. Evolving and Managing Trust in Grid Computing Systems[J]. Advanced in Canadian Conference on Electrical and Computer Engineering,IEEE CCECE 2002,(3):1424-1429.
【121】F.Azzedin, M.Maheswaran. Integrating Trust into Grid Resource Management Systems[C], Advanced in 2002 International Conference on Parallel Processing (ICPP 2002),2002:47-54.
【122】S.Song, K.Hwang, M.Macwan. Fuzzy Trust Integration for Security Enforcement in Grid Computing[C]. International Symposium on Network and Parallel Computing(NPC2004). Heidelberg, Berlin:Springer-Verlag, 2004:9-12.
【123】T.Okamoto,K.Harada,E.Okamoto. ID-Based Key Agreement Schemes using General Hash Function from Pairing [EB/OL]. The 2004 Workshop on Information Security Research. Available at http://www-kairo.csce. kyushu-u.ac.jp/WISR2004/presentation07.pdf, 2004-12-10/2005-06-10.
【124】K.Kurosawa, S.H.Heng. Identity-based identification without random oracles[EB/OL]. In ISH'2005, http://www.springerlink.com/index/RTWC06KJN7L2V682.pdf, 2006-03-10/2006-06-16.
【125】D.Pointcheval, J.Stern, Security arguments for digital signatures and blind signatures[J]. Journal of Cryptology,2000,13(3):361-396.
【126】M.Bellare. O.Goldreich. S.Goldwasser. Incremental Cryptography:The Case of Hashing and Signing[C]. CRYPTO’94, LNCS839, Heidelberg,Berlin:Springer-Verlag,1994:216-233.
【127】XML Core Working Group. XML-Signature Syntax and Processing[EB/OL].W3C Proposed Recommendation. August 20,2001. http://www.w3.org/TR/xmldsig-core. 2002-02-12/2006-5-20.
【128】A.Fiat. Batch RSA[C]. In CRYPTO’89,LNCS435.Heidelberg,Berlin:Springer-Verlag,1990:232-241.
【129】A.Shamir. On the generation of cryptographically strong pseudorandom sequences[J]. ACM Transactions on Computer Systems, 1983,1(1):38-44.
【130】D.Pointcheval, J.Stern. Security proofs for signature schemes[C]. Adcances in Cryptology- Proceedings of EUROCYPT’96, LNCS1070, Heidelberg,Berlin:Springer-Verlag,1996:387-398.
【131】X.Yi. An identity-based signature scheme from the Weil pairing[J],IEEE Communications Letters, 2003,7(2):76-78.
【132】Z.Tan, Z.Liu. Provably Secure Delegation-by-Certification Proxy Signature Schemes[EB/OL]. http://eprint.iacr.org/2004/148/,2004-07-24/2006-06-25.
【133】陈辉,王平.网格计算中的安全体系结构分析[J].计算机安全,2004,(2):15-16.
【134】黄家玮,费洪晓.网格安全问题及解决方案[J].现代计算机, 2004,21(12):32-35.
【135】R.Housley, W.Ford, W.Polk, D.Solo. Internet X.509 Public Key Infrastructure Certificate and CRL Profile. RFC2459[EB/OL], January 1999, Available at http://www.ietf.org/rfc/rfc2459.txt, 1999-03-01/2002-10-16.
【136】C.Adams, S.Farrell. Internet X.509 Public Key Infrastructure: Certificate Management Protocols. RFC2510[EB/OL],March 1999, Available at http://www.ietf.org/rfc/rfc2510.txt,1999-03-28/2002-10-16.