| With the development of E-commerce, electronic transaction means, such as e-payment, e-contract and e-vote, etc, appear and become more and more popular, digital signature was proposed. It substitutes traditional stamp form, transfers signature information by electronic form online, and improves corporations'work efficiency. However, this form fails if the signatory cannot sign. In this situation the proxy signature emerge as the times require.Proxy signature is a special class of digital signatures which allows an original signer to delegate his or her signature capability or signature right to a designated person who is called a proxy signer to sign on specified documents on behalf of the original signer. The primary difference between proxy signature and digital signature is that there is an intermediate component, which is called proxy signer between original signer and signature receiver, is added in proxy signature. Just for this intermediate component, it brings a lot of security and validity problems. Thus, the most important thing of proxy signature mechanism research is its security and validity.Elliptic curve cryptography has its unique advantages, whose 160 bits security key has potential in security as excellent as the 1024 bits one of RSA algorithm. Thus, it's a developmental trend to choose the algorithm based on ECDLP to do proxy signature and validation. With perfection of this signature algorithm, proxy signature will also be driven greatly.In the foundation of researching traditional proxy signature mechanisms, this paper chooses the ECDLP -based signature algorithm, and proposes two new proxy signature mechanisms, and one new enterprise authorization mechanism. It includes the following work. Firstly, researches current proxy signature mechanisms,and analyses the virtues and flaws of current proxy signature mechanisms in aspects of security and validity mostly. Secondly, brings forward a two-level proxy signature mechanism, and proves that this mechanism can satisfy proxy signature's essential characters of unforgeability, verifiability, logoutability, distinguishability, undeniability and identifiablity by providing the theorems.Thirdly, extends two-level proxy signature mechanism, proposes a multi-level proxy signature mechanism, and analyses the validity and security of it. Fourthly, based on researching current enterprise authorization mechanism, brings forward a new authorization mechanism, which based on multi-level proxy signature mechanism. Fifthly, analyses the advantages and flaws of the new enterprise authorization mechanism. Lastly, applies this new authorization mechanism into Chongqing railway E-commerce platform——container running information system. The result indicates that this mechanism enhances system's security largely, and is fit for the security strategies of ERP, MIS, OA . Moreover it has supplemental effect for the development of E-commerce. |
PDF Full Text Request