| With the rapid development of network technology, e-commerce activities are becoming moreand more frequent, especially online shopping and online banking have brought great convenience topeople’s lives. People are able to access to the resources and services which they need, in the case ofstaying at home. However, people are faced with the problem of information security when they enjoythese convenience. During E-commerce activities, the service provider always will require users to submitpersonal identifiable information, then it is authenticated, the users can get the required resources or havethe access to get the services, However, in the open network environment, the user’s information is verylikely to be obtained by illegal users, there is a threat of being leaked. So now most users don’t want tosubmit personal identifiable information to get resources, namely get resources. anonymously.Public Key Infrastructure PKI as a security mechanism with international standards has a widerange of applications in e-commerce activities. PKI uses the digital certificate to achieve a binding betweenthe user and the key, provides authentication services. PMI as an extension of the PKI uses Attributecertificate to bind users and permissions and provides different access control permissions to users. In thissystem the realization of anonymous authentication has good openness and portability and is easy to mergewith the model of identity certificates. As for PKI/PMI system, since identity is bounded to the certificate,the authentication mechanism and structural features. So it is the key to separate identity authenticationfrom legality authentication. This separation usually requires to introduce a trusted third party.First of all, this paper summarizes the preliminaries and related technologies of AnonymousAuthentication, focuses on the introduction of PKI/PMI architecture. And then based on this system,anonymous authentication scheme based on the PMI attribute certificate is proposed. The program usesstandard public key certificates and attribute certificates to achieve the separation of identity authenticationand legality authentication. Security and anonymity can be proved. In the program, the trusted third party isthe PMI attribute authority, called AA, with the international standards and business models. with theincrease in the scale of users,in order to avoid the trusted third party to become the bottleneck of thesystem efficiency, and realize the application of large-scale systems, then this paper proposed another anonymous authentication scheme which based on the PMI role models. User chooses roles according totheir needs, and according to the process of privileges-the role, the role-the users to give privileges forthe users. The user get resources through the role, and has nothing to do with own identity, hide the identityinformation and realize anonymity. The valid for Role assignment attribute certificate is longer, not likeone-time attribute certificate, the users do not update attribute certificate frequently, the number of attributecertificate request decreases, improve the efficiency of authentication, reduce the load of the trusted thirdparty. At last,we analyze the load of AA in the two program theoretically,the AA load in the anonymousauthentication scheme based on the PMI role model is lesser than the anonymous authentication schemebased on the PMI. Finally we use NS2to simulate the process of requesting the attribute certificate in thetwo programs, through the network performance test, further validates that the anonymous authenticationscheme based on the PMI role model has higher efficiency. |
PDF Full Text Request