Journal of Computer Applications ›› 2015, Vol. 35 ›› Issue (7): 1858-1864. DOI: 10.11772/j.issn.1001-9081.2015.07.1858

• Information Security •

Automated trust negotiation model based on interleaved spiral matrix encryption

LI Jianli, XIE Yue, WANG Yimou, DING Hongqian

  1. College of Computer Science and Technology, Harbin Engineering University, Harbin Heilongjiang 150001, China
  • Received: 2015-02-11 Revised: 2015-03-30 Online: 2015-07-10 Published: 2015-07-17
  • Corresponding author: LI Jianli (born 1963), male, from Longkou, Shandong; associate professor; main research interests: access control and automated trust negotiation; lijianli@hrbeu.edu.cn
  • About the authors: XIE Yue (born 1989), male, from Shijiazhuang, Hebei; master's student; main research interest: automated trust negotiation. WANG Yimou (born 1990), male, from Dandong, Liaoning; master's student; main research interest: automated trust negotiation. DING Hongqian (born 1990), male, from Tai'an, Shandong; master's student; main research interest: automated trust negotiation.
  • Funding: National Natural Science Foundation of China (61073042).

Abstract:

An Automated Trust Negotiation (ATN) model based on Interleaved Spiral Matrix Encryption (ISME) is proposed to protect sensitive information in automated trust negotiation. The model uses the interleaved spiral matrix encryption algorithm together with policy migration to protect the three kinds of sensitive information that arise during negotiation. Compared with the traditional spiral matrix encryption algorithm, the interleaved spiral matrix encryption algorithm adds the concepts of odd-even bits and triples. To make the model easier to apply, an attribute key flag is introduced into the certificates used in negotiation, so that during secondary encryption the encrypted sensitive information corresponding to each key is recorded more effectively. The paper also shows how negotiation rules are expressed with encryption functions in the negotiation model. To raise the negotiation success rate and efficiency of the model, the 0-1 graph policy parity algorithm is proposed. This algorithm uses directed graphs from graph theory to construct six basic proposition decomposition rules, which effectively determine the type of the propositions abstracted from access control policies. Soundness and completeness are then proved to show that the semantic and syntactic notions of the algorithm are equivalent in the logical system. Simulation results show that, over 20 negotiations, the model discloses on average 15.2 fewer policies than the traditional ATN model, while the negotiation success rate increases by 21.7% and the negotiation efficiency increases by 3.6%.

Key words: Automated Trust Negotiation (ATN), sensitive information protection, access control policy, Interleaved Spiral Matrix Encryption (ISME), 0-1 graph policy parity algorithm
