| To authorize the web service securely in open network, blaze et al. focused on the conception of "trust" in traditional authorization mechanism, and proposed the idea of "trust management". Trust management is a new way to resolve the secure authorization in open network, which is not so complex and poor efficiency like traditional ways. Delegation is one of core technologies in trust management. While worms and rogue programs become wilder and wilder, how to keep the identity of user away from information excavation and abusing should be a focus of research about delegation.This thesis designs an improved aggregate signature scheme to allow delegators to be anonymous. The improved aggregate signature scheme mixes aggregate signature scheme and group signature scheme together, which could aggregate some signatures together while keep signers anonymous. This thesis realizes an anonymous delegation protocol with the improved aggregate signature scheme (AD-AS Protocol). AD-AS Protocol has advantages of both police-based and reputation-based trust management systems, which signs a delegation credential with public key and describes delegator’s perceptual trust on delegatee with trust value. With both the system auto way and delegator manual way to revokes a delegation, AD-AS Protocol has all the required functions of delegation mechanism. AD-AS Protocol uses only one signature of fixed size in delegation credential because of the aggregate property of aggregate signature scheme, while authenticating a delegation credential efficiently, AD-AS Protocol reduces the cost of saving and transmitting.At the end of this thesis, an E-Cash system based on the AD-AS Protocol is proposed, which proves that the AD-AS Protocol is anonymous and traceable, while the deep of delegation could be restricted by trust. The proposed E-Cash system is offline and divisible, running in different banks and the anonymity of users could be traced. |
PDF Full Text Request