网际安全技术构架 基于标识鉴别的可信系统 英文版2025|PDF|Epub|mobi|kindle电子书版本百度云盘下载

网际安全技术构架 基于标识鉴别的可信系统 英文版PDF格式电子书版下载

注意：本站所有压缩包均有解压码： 点击下载压缩包解压工具

Part One　Authentication Technique2

Chapter 1　Basic Concepts2

1.1　Physical World and Digital world2

1.2 A World with Order and without Order3

1.3 Self-assured Proof and 3rd Party Proof4

1.4 Certification Chain and Trust Chain6

1.5 Centralized and Decentralized Management7

1.6 Physical Signature and Digital Signature8

Chapter 2 Authentication Logic11

2.1 Belief Logic11

2.2 Standard Protocol12

2.3 Trust Relationship13

2.3.1 Direct Trust13

2.3.2 Axiomatic Trust13

2.3.3 Inference Trust14

2.4 Trust Logic15

2.4.1 The Requirement of Trust Logic15

2.4.2 The Progress in Public Key16

2.4.3 Entity Authenticity16

2.4.4 The Characteristics of Trust Logic18

2.5 CPK Protocol19

2.5.1 One-way Protocol19

2.5.2 Two-way Protocol19

Chapter 3 Identity Authentication21

3.1 Communication Identity Authentication21

3.2 Software Identity Authentication23

3.3 Electronic Tag Authentication24

3.4 Network Management24

3.5 Holistic Security25

Part Two Crypto-systems28

Chapter 4 Combined Public Key(CPK)28

4.1 Introduction28

4.2 ECC Compounding Feature28

4.3 Identity-Key29

4.3.1 Combining Matrix29

4.3.2 Mapping from Identity to Matrix Coordinates29

4.3.3 Computation of Identity-Key30

4.4 Key Compounding30

4.4.1 The Compounding of Identity-Key and Accompanying-Key(optional)30

4.4.2 The Compounding of Identity-Key and Separating-Key30

4.5 CPK Digital Signature31

4.5.1 Signing with Accompanying-Key(optional)31

4.5.2 Signing with Separating-Key31

4.6 CPK Key Exchange32

4.6.1 Key Exchange with Separating-Key32

4.6.2 Key Exchange with Accompanying-Key(optional)32

4.7 Security Analysis32

Chapter 5 Self-assured and 3rd Party Public Key35

5.1 New Requirements of the Crypto-System35

5.2 Development of Crypto-Systems36

5.3 Digital Signature Mechanism37

5.3.1 IBC Signature Scheme37

5.3.2 CPK Signature with Separating-Key37

5.3.3 CPK Signature with Accompanying-Key38

5.3.4 PKI Signature Scheme38

5.3.5 IB-RSA Signature Scheme39

5.3.6 mRSA Signature Scheme40

5.3.7 Comparison of Schemes40

5.4 Key Exchange Scheme40

5.4.1 IBE Key Exchange41

5.4.2 CPK Key Exchange41

5.4.3 Other Key Exchange Schemes42

5.4.4 Performance Comparison43

5.5 Discussion on Trust Root44

Chapter 6 Bytes Encryption45

6.1 Technical Background45

6.2 Coding Structure47

6.2.1 Transposition Table(disk)47

6.2.2 Substitution Table(subst)48

6.2.3 Key Structure49

6.2.4 Operation Flowchart51

6.3 8-bit Operation51

6.3.1 Assumptions51

6.3.2 Key Derivation52

6.3.3 Combination of Data and Keys52

6.3.4 Left Shift Accumulation53

6.3.5 Transposition Conversion54

6.3.6 Single Substitution Conversion54

6.3.7 Re-combination of Data and Keys55

6.3.8 Right Shift Accumulation55

6.3.9 Re-transposition56

6.4 7-bit Operation56

6.4.1 Given Conditions56

6.4.2 Key Derivation57

6.4.3 Combination of Data and Key58

6.4.4 Left Shift Accumulation58

6.4.5 Transposition Conversion59

6.4.6 Single Substitution Conversion60

6.4.7 Re-combination of Data and Key60

6.4.8 Right Shift Accumulation61

6.4.9 Re-composition61

6.5 Security Evaluation62

6.5.1 Key Granularity62

6.5.2 Confusion and Diffusion63

6.5.3 Multiple-level Product Conversion63

Part Three CPK System66

Chapter 7 CPK Key Management66

7.1 CPK Key Distribution66

7.1.1 Authentication Network66

7.1.2 Communication Key67

7.1.3 Classification of Keys67

7.2 CPK Signature68

7.2.1 Digital Signature and Verification68

7.2.2 Signature Format68

7.3 CPK Key Exchange69

7.4 CPK Data Encryption70

7.5 Key Protection70

7.5.1 Password Verification70

7.5.2 Password Change71

Chapter 8 CPK-chip Design72

8.1 Background72

8.2 Main Technology72

8.3 Chip Structure74

8.4 Main Functions77

8.4.1 Digital Signature77

8.4.2 Data Encryption78

Chapter 9 CPK ID-card80

9.1 Background80

9.2 ID-card Structure81

9.2.1 The Part of Main Body82

9.2.2 The Part of Variables82

9.3 ID-card Data Format83

9.4 ID-card Management85

9.4.1 Administrative Organization85

9.4.2 Application for ID-card86

9.4.3 Registration Department87

9.4.4 Production Department88

9.4.5 Issuing Department90

Part Four Trust Computing92

Chapter 10 SoftwareID Authentication92

10.1 Technical Background92

10.2 Main Technology93

10.3 Signing Module94

10.4 Verifying Module95

10.5 The Feature of Code Signing97

Chapter 11 Code Signing of Windows98

11.1 Introduction98

11.2 PE File98

11.3 Mini-filter99

11.3.1 NT I/O Subsystem99

11.3.2 File Filter Driving100

11.3.3 Mini-filter101

11.4 Code Authentication of Windows102

11.4.1 The System Framework102

11.4.2 Characteristics Collecting102

11.5 Conclusion102

Chapter 12 Code Signing of Linux103

12.1 General Description103

12.2 ELF File103

12.3 Linux Security Module(LSM)Framework104

12.4 Implementation105

Part Five Trust Connecting108

Chapter 13 Phone Trust Connecting108

13.1 Main Technologies108

13.2 Connecting Procedure109

13.3 Data Encryption110

13.4 Data Decryption111

Chapter 14 Socket Layer Trust Connecting112

14.1 Layers of Communication112

14.2 Secure Socket Layer(SSL)113

14.3 Trusted Socket Layer(TSL)115

14.4 TSL Working Principle116

14.5 TSL Address Authentication118

14.6 Comparison120

Chapter 15 Router Trust Connecting121

15.1 Principle of Router122

15.2 Requirements of Trusted Connection123

15.3 Fundamental Technology124

15.4 Origin Address Authentication124

15.5 Encryption Function127

15.5.1 Encryption Process127

15.5.2 Decryption Process128

15.6 Requirement of Header Format128

15.7 Trusted Computing Environment129

15.7.1 Evidence of Software Code129

15.7.2 Authentication of Software Code129

Conclusion129

Part Six Trust e-Commerce132

Chapter 16 e-Bank Authentication132

16.1 Background132

16.2 Counter Business133

16.3 Business Layer134

16.4 Basic Technology135

16.5 Business at ATM136

16.6 Communication Between ATM and Portal137

16.7 The Advantages138

Chapter 17 e-Bill Authentication140

17.1 Bill Authentication Network140

17.2 Main Technologies141

17.3 Application for Bills141

17.4 Circulation of Bills143

17.5 Verification of Check143

Part Seven Trust Logistics146

Chapter 18 e-Tag Authentication146

18.1 Background146

18.2 Main Technology147

18.3 Embodiment（Ⅰ）148

18.4 Embodiment（Ⅱ）149

Chapter 19 The Design of Mywallet151

19.1 Two Kinds of Authentication Concept151

19.2 System Configuration152

19.3 TAG Structure153

19.3.1 Structure of Data Region153

19.3.2 Structure of Control Region154

19.4 TAG Data Generation and Authentication155

19.4.1 KMC155

19.4.2 Enterprise155

19.4.3 Writer and Reader155

19.5 Protocol Design156

19.6 Conclusion157

Part Eight File ＆ Network Management160

Chapter 20 e-Mail Authentication160

20.1 Main Technologies160

20.2 Sending Process161

20.3 Receiving Process162

Chapter 21 Data Storage Authentication163

21.1 Security Requirements163

21.2 Basic Technology164

21.3 File Uploading Protocol164

21.4 File Downloading Protocol166

21.5 Data Storing167

21.5.1 Establishment of Key File167

21.5.2 Storage of Key File167

21.5.3 Documental Database Encryption168

21.5.4 Relational Database Encryption169

Chapter 22 Secure File Box171

22.1 Background171

22.2 System Framework172

22.3 Features of the System172

22.4 System Implementation173

Chapter 23 e-Seal of Classification176

23.1 Background Technology176

23.2 Main Technologies176

23.3 Working Flow178

23.4 Embodiment180

23.5 Explanation181

Chapter 24 Water-wall for Intranet187

24.1 Background187

24.2 Working Principles187

24.3 The diagram of Intranet Water-wall189

24.4 Water-wall for Individual PC191

24.5 Guarding Policy192

Chapter 25 Digital Right Authentication194

25.1 Technical Background194

25.2 Main Technologies194

25.3 Manufacturer's Digital Right195

25.4 Enterprise's Right of Operation197

25.5 Client's Right of Usage198

Postscript New Trend of Information Security200

Appendices206

Appendix A206

Walk Out of Mysterious"Black Chamber"206

Appendix B211

Identity Authentication Opening a New Land for Information Security211

Appendix C218

Searching for Safe"Silver Bullet"218

Appendix D226

"Electronic-ID Card"Attracts International Attention226

Appendix E231

CPK System Goes to the World231

Appendix F234

Identity Authentication Based on CPK System234

Appendix G243

CPK Cpyptosystem243

References247