Pub Date : 2003-10-14DOI: 10.1109/CCST.2003.1297614
Yea-Shuan Huang, Y. Tsai, Hong-Hsin Chao, Y. Chien
This paper mainly introduces (1) a face recognition method by using a newly designed radial basis function (RBF) neural net which can iteratively reduce a purposely defined classification-oriented error function, and (2) a decision-making mechanism by accumulating multiple individual face recognition results of the same unknown targeted person. To experiment on 50 persons (each person has 32 training samples and 100 testing samples), although the recognition rate of individual sample is only 86.5%, a perfect recognition accuracy (i.e. 100% accuracy) has been achieved by accumulating 20 temporal face images. This shows that the proposed approaches can produce various degrees of security to support different face recognition applications.
{"title":"Face recognition for images from the same unknown person","authors":"Yea-Shuan Huang, Y. Tsai, Hong-Hsin Chao, Y. Chien","doi":"10.1109/CCST.2003.1297614","DOIUrl":"https://doi.org/10.1109/CCST.2003.1297614","url":null,"abstract":"This paper mainly introduces (1) a face recognition method by using a newly designed radial basis function (RBF) neural net which can iteratively reduce a purposely defined classification-oriented error function, and (2) a decision-making mechanism by accumulating multiple individual face recognition results of the same unknown targeted person. To experiment on 50 persons (each person has 32 training samples and 100 testing samples), although the recognition rate of individual sample is only 86.5%, a perfect recognition accuracy (i.e. 100% accuracy) has been achieved by accumulating 20 temporal face images. This shows that the proposed approaches can produce various degrees of security to support different face recognition applications.","PeriodicalId":344868,"journal":{"name":"IEEE 37th Annual 2003 International Carnahan Conference onSecurity Technology, 2003. Proceedings.","volume":"165 5","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2003-10-14","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"120981301","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2003-10-14DOI: 10.1109/CCST.2003.1297535
Bao-Chyuan Guan, Ping Wang, S. Chen, Ray-I Chang
In [S. Castano et al. (1992)], an object-oriented security model was proposed to protect documents in office environments. It defined role as a set of actions and responsibilities played by users to identify the operations that they can execute on documents. This scheme can make representation and realization easy while using modem object-oriented programming languages to model an information system. However, it simply considered the authorization of operation from an identified role to the document. The available time slot associated with this operation was not addressed. Moreover, actions and responsibilities to the access authorization of a peripheral device (such as the printer) were not specified. These characteristics are very important for a high-secure system in military or government that must protect information of different classifications against unauthorized access. After adoption of the UML 1.1 specification by the OMG membership in November 1997, Unified Modeling Language (UML) has been widely accepted as an object oriented software analysis/design methodology in the software engineering community. It provides most of the concepts and notations that are essential for documenting object oriented models. To demonstrate our approach, we have formulated security models for high secure office systems using the UML model.
在[S。Castano et al.(1992)],提出了一种面向对象的安全模型来保护办公环境中的文档。它将角色定义为用户所扮演的一组操作和职责,以确定他们可以在文档上执行的操作。该方案在使用现代面向对象编程语言对信息系统进行建模时易于表示和实现。但是,它只考虑从已标识的角色到文档的操作授权。未寻址与此操作关联的可用时隙。此外,没有指定外围设备(如打印机)访问授权的操作和责任。这些特性对于必须保护不同分类的信息免遭未经授权访问的军事或政府高安全性系统非常重要。在1997年11月OMG成员采用UML 1.1规范之后,统一建模语言(UML)作为一种面向对象的软件分析/设计方法在软件工程社区被广泛接受。它提供了记录面向对象模型所必需的大部分概念和符号。为了演示我们的方法,我们使用UML模型为高度安全的办公系统制定了安全模型。
{"title":"An extended object-oriented security model for high secure office environments","authors":"Bao-Chyuan Guan, Ping Wang, S. Chen, Ray-I Chang","doi":"10.1109/CCST.2003.1297535","DOIUrl":"https://doi.org/10.1109/CCST.2003.1297535","url":null,"abstract":"In [S. Castano et al. (1992)], an object-oriented security model was proposed to protect documents in office environments. It defined role as a set of actions and responsibilities played by users to identify the operations that they can execute on documents. This scheme can make representation and realization easy while using modem object-oriented programming languages to model an information system. However, it simply considered the authorization of operation from an identified role to the document. The available time slot associated with this operation was not addressed. Moreover, actions and responsibilities to the access authorization of a peripheral device (such as the printer) were not specified. These characteristics are very important for a high-secure system in military or government that must protect information of different classifications against unauthorized access. After adoption of the UML 1.1 specification by the OMG membership in November 1997, Unified Modeling Language (UML) has been widely accepted as an object oriented software analysis/design methodology in the software engineering community. It provides most of the concepts and notations that are essential for documenting object oriented models. To demonstrate our approach, we have formulated security models for high secure office systems using the UML model.","PeriodicalId":344868,"journal":{"name":"IEEE 37th Annual 2003 International Carnahan Conference onSecurity Technology, 2003. Proceedings.","volume":"15 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2003-10-14","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"126634559","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2003-10-14DOI: 10.1109/CCST.2003.1297553
Gen-Yih Liao, Chen Song
The Internet creates an efficient environment for businesses to conduct transactions, while also creating a channel for outsiders to access organizational assets. To determine the reasonable amount of security investment, security officers would conduct risk assessment to evaluate the risk values in existing systems. In traditional risk assessment processes, however, heavy dependence on human experts leads to difficulties in automating risk assessment. We propose a transaction based computer aided system to facilitate risk assessment on information systems. The proposed system evaluates assets with business transactions, which facilitates the procedures of asset evaluation. The likelihood model used by the system can assist the risk analysts in conducting what-if analyses to determine risk values. Therefore, the proposed system contributes in enhancing the level of automation regarding risk assessment.
{"title":"Design of a computer-aided system for risk assessment on information systems","authors":"Gen-Yih Liao, Chen Song","doi":"10.1109/CCST.2003.1297553","DOIUrl":"https://doi.org/10.1109/CCST.2003.1297553","url":null,"abstract":"The Internet creates an efficient environment for businesses to conduct transactions, while also creating a channel for outsiders to access organizational assets. To determine the reasonable amount of security investment, security officers would conduct risk assessment to evaluate the risk values in existing systems. In traditional risk assessment processes, however, heavy dependence on human experts leads to difficulties in automating risk assessment. We propose a transaction based computer aided system to facilitate risk assessment on information systems. The proposed system evaluates assets with business transactions, which facilitates the procedures of asset evaluation. The likelihood model used by the system can assist the risk analysts in conducting what-if analyses to determine risk values. Therefore, the proposed system contributes in enhancing the level of automation regarding risk assessment.","PeriodicalId":344868,"journal":{"name":"IEEE 37th Annual 2003 International Carnahan Conference onSecurity Technology, 2003. Proceedings.","volume":"8 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2003-10-14","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"114140343","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2003-10-14DOI: 10.1109/CCST.2003.1297566
Po-Hsian Huang
The Internet with far-reaching characteristic and various network technologies become modern medium for information to spread and market. E-Commerce promoted the convenience of consumption and competitive advantage of business, and gradually affected national competition ability. The key factors of trade on the network are trust and safety. The internal electronic signature has already passed, so trade of e-commerce is effective. Issue the digital certificate through the organization of third party certification. To establish trustful mechanism for e-commerce, the other problem is safety of trade. Safe mechanisms of trade presently contain secure socket layer ( SSL ) and secure electronic transaction (SET) . There are different applications of agent in lots of domains. The application of automatic negotiation agent is mostly in the sale Website. It supports purchasers find out appropriate sellers and negotiate with them, saved the cost and time that both parties search and negotiate with each other. However, the recognition and certification of trade really contain its necessity in the agent, particularly in mobile agent. We combine SET with the intelligent mobile agent, and uses current structure of negotiation on the Internet. Promote the trading safety of intelligent mobile agent by the certification of SET. Flexibly handle the different needs of purchasers in the negotiation rather than only limit to exchange data.
{"title":"Integrate the structure of negotiation certification of set and the intelligent mobile agent","authors":"Po-Hsian Huang","doi":"10.1109/CCST.2003.1297566","DOIUrl":"https://doi.org/10.1109/CCST.2003.1297566","url":null,"abstract":"The Internet with far-reaching characteristic and various network technologies become modern medium for information to spread and market. E-Commerce promoted the convenience of consumption and competitive advantage of business, and gradually affected national competition ability. The key factors of trade on the network are trust and safety. The internal electronic signature has already passed, so trade of e-commerce is effective. Issue the digital certificate through the organization of third party certification. To establish trustful mechanism for e-commerce, the other problem is safety of trade. Safe mechanisms of trade presently contain secure socket layer ( SSL ) and secure electronic transaction (SET) . There are different applications of agent in lots of domains. The application of automatic negotiation agent is mostly in the sale Website. It supports purchasers find out appropriate sellers and negotiate with them, saved the cost and time that both parties search and negotiate with each other. However, the recognition and certification of trade really contain its necessity in the agent, particularly in mobile agent. We combine SET with the intelligent mobile agent, and uses current structure of negotiation on the Internet. Promote the trading safety of intelligent mobile agent by the certification of SET. Flexibly handle the different needs of purchasers in the negotiation rather than only limit to exchange data.","PeriodicalId":344868,"journal":{"name":"IEEE 37th Annual 2003 International Carnahan Conference onSecurity Technology, 2003. Proceedings.","volume":"41 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2003-10-14","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"116550739","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2003-10-14DOI: 10.1109/CCST.2003.1297533
F. de la Puente, J. D. Sandoval, P. Hernandez
During the last decades we have witnessed an exponential growth of the number of computer viruses. However, the real threat we are now facing is not so much the fact that a virus can make thousands of copies of itself in our computer, but the wide range of things they can do with the data stored or processed in it. One field in which this fact should be considered with special care is electronic banking. These online services are normally accessed from personal computers with low protection. The operating systems used on these computers tend to sacrifice the security on behalf of the commodity of the user. Under such circumstances, it would be rather easy to implement a man-in-the-middle attack in order to intercept the data exchanged with the bank. This way an attacker could end up controlling the money in our bank accounts. In order to illustrate this assertion, we outline some possible attacks that can break the security of several security systems, from passwords authentication to smart cards. The conclusion that we extract from here is that we cannot trust our computers: The data we input on the computer can be stolen, the data exchanged with other computers on the Web can also be intercepted and even modified, and the output we get from the computer monitor may not correspond to the data it is about to process and send in our name. Therefore, an trusted device is needed when performing banking operations over the Internet. Here we propose a digital signer device that not only provides a tamper proof storage for the digital signature but also provides its own display and keyboard. This system improves the security of smart cards by avoiding its dependence on the computer to interface with the user, making it immune to virus attacks.
{"title":"Pocket device for authentication and data integrity on Internet banking applications","authors":"F. de la Puente, J. D. Sandoval, P. Hernandez","doi":"10.1109/CCST.2003.1297533","DOIUrl":"https://doi.org/10.1109/CCST.2003.1297533","url":null,"abstract":"During the last decades we have witnessed an exponential growth of the number of computer viruses. However, the real threat we are now facing is not so much the fact that a virus can make thousands of copies of itself in our computer, but the wide range of things they can do with the data stored or processed in it. One field in which this fact should be considered with special care is electronic banking. These online services are normally accessed from personal computers with low protection. The operating systems used on these computers tend to sacrifice the security on behalf of the commodity of the user. Under such circumstances, it would be rather easy to implement a man-in-the-middle attack in order to intercept the data exchanged with the bank. This way an attacker could end up controlling the money in our bank accounts. In order to illustrate this assertion, we outline some possible attacks that can break the security of several security systems, from passwords authentication to smart cards. The conclusion that we extract from here is that we cannot trust our computers: The data we input on the computer can be stolen, the data exchanged with other computers on the Web can also be intercepted and even modified, and the output we get from the computer monitor may not correspond to the data it is about to process and send in our name. Therefore, an trusted device is needed when performing banking operations over the Internet. Here we propose a digital signer device that not only provides a tamper proof storage for the digital signature but also provides its own display and keyboard. This system improves the security of smart cards by avoiding its dependence on the computer to interface with the user, making it immune to virus attacks.","PeriodicalId":344868,"journal":{"name":"IEEE 37th Annual 2003 International Carnahan Conference onSecurity Technology, 2003. Proceedings.","volume":"340 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2003-10-14","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"134032760","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2003-10-14DOI: 10.1109/CCST.2003.1297563
J. Mar, Konrad Lee
An elliptic curve cryptosystem (ECC) public-key authentication protocol, which employs the certificate to greatly improve the 3GPP/UMTS security, is present. When the certificate validity intervals are properly set, the increase in the signaling load for the ECC/UMTS authentication protocol can be reduced for point-to-point communications.
{"title":"Application of certificate on the ECC authentication protocol for point-to-point communications","authors":"J. Mar, Konrad Lee","doi":"10.1109/CCST.2003.1297563","DOIUrl":"https://doi.org/10.1109/CCST.2003.1297563","url":null,"abstract":"An elliptic curve cryptosystem (ECC) public-key authentication protocol, which employs the certificate to greatly improve the 3GPP/UMTS security, is present. When the certificate validity intervals are properly set, the increase in the signaling load for the ECC/UMTS authentication protocol can be reduced for point-to-point communications.","PeriodicalId":344868,"journal":{"name":"IEEE 37th Annual 2003 International Carnahan Conference onSecurity Technology, 2003. Proceedings.","volume":"38 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2003-10-14","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"132906403","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2003-10-14DOI: 10.1109/CCST.2003.1297594
G. Tai, C. Ou
Taiwan established its first Certification Authority, namely, Government Certification Authority (GCA), in 1998 which launched the electronic certification services in Taiwan. From year 2001 to 2004, Government Public Key Infrastructure (GPKI) is being established according to the planning set forth in E-Government Program with the aim of strengthening electronic government infrastructure and establishing electronic certification and security applications for executive administration. Some commercial PKIs such as eCA, TaiCA and Hitrust have established in Taiwan in recent years. PKI interoperability becomes a major issue. Several Interoperability methods, such as strict hierarchy and bridge certificate authority (BCA), have been deployed in different PKI domains. Global PKI interoperability in Taiwan is adopting BCA as a major CA-CA interoperability engine, which will bridge trust relationship between different PKI domains.
{"title":"The development of PKI interoperability in Taiwan","authors":"G. Tai, C. Ou","doi":"10.1109/CCST.2003.1297594","DOIUrl":"https://doi.org/10.1109/CCST.2003.1297594","url":null,"abstract":"Taiwan established its first Certification Authority, namely, Government Certification Authority (GCA), in 1998 which launched the electronic certification services in Taiwan. From year 2001 to 2004, Government Public Key Infrastructure (GPKI) is being established according to the planning set forth in E-Government Program with the aim of strengthening electronic government infrastructure and establishing electronic certification and security applications for executive administration. Some commercial PKIs such as eCA, TaiCA and Hitrust have established in Taiwan in recent years. PKI interoperability becomes a major issue. Several Interoperability methods, such as strict hierarchy and bridge certificate authority (BCA), have been deployed in different PKI domains. Global PKI interoperability in Taiwan is adopting BCA as a major CA-CA interoperability engine, which will bridge trust relationship between different PKI domains.","PeriodicalId":344868,"journal":{"name":"IEEE 37th Annual 2003 International Carnahan Conference onSecurity Technology, 2003. Proceedings.","volume":"68 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2003-10-14","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"114590151","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2003-10-14DOI: 10.1109/CCST.2003.1297554
Sung-Hyun Yun, Sung-jin Lee
Voting is an important social activity in democratic society. The realization of electronic democracy is based on the security of electronic voting scheme. Therefore, it is necessary to use the cryptographic technique for secure election. The electronic voting scheme based on undeniable blind signature scheme is proposed for providing anonymity of voters and ensuring that the intermediate voting results do not affect the entire election. In order to make practical voting scheme, we assume that the voting authorization center is trustful and the IP trace between the voting authorization center and a voter is not available. The proposed scheme fully conforms to the requirements of large scale election such as privacy, fairness, unreusability, unforgeability and eligibility.
{"title":"An electronic voting scheme based on undeniable blind signature scheme","authors":"Sung-Hyun Yun, Sung-jin Lee","doi":"10.1109/CCST.2003.1297554","DOIUrl":"https://doi.org/10.1109/CCST.2003.1297554","url":null,"abstract":"Voting is an important social activity in democratic society. The realization of electronic democracy is based on the security of electronic voting scheme. Therefore, it is necessary to use the cryptographic technique for secure election. The electronic voting scheme based on undeniable blind signature scheme is proposed for providing anonymity of voters and ensuring that the intermediate voting results do not affect the entire election. In order to make practical voting scheme, we assume that the voting authorization center is trustful and the IP trace between the voting authorization center and a voter is not available. The proposed scheme fully conforms to the requirements of large scale election such as privacy, fairness, unreusability, unforgeability and eligibility.","PeriodicalId":344868,"journal":{"name":"IEEE 37th Annual 2003 International Carnahan Conference onSecurity Technology, 2003. Proceedings.","volume":"84 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2003-10-14","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"116233220","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2003-10-14DOI: 10.1109/CCST.2003.1297551
M. Kang, K. Kim, Hwangbin Ryou
Web services make the distributed computing based on XML technology possible and are being watched with a new technology to replace the existing distributed computing such as CORBA, Java RMI, and DCOM. One of the issues that needs to be solved to deploy Web services is just Web services security. It is necessary to satisfy the security features like user authentication, confidentiality, integrity, nonrepudiation, and user authorization. We design and implement a system that makes the effective authorization for Web service users possible by using an attribute certificate for Web services.
{"title":"An authorization mechanism for Web services using an attribute certificate","authors":"M. Kang, K. Kim, Hwangbin Ryou","doi":"10.1109/CCST.2003.1297551","DOIUrl":"https://doi.org/10.1109/CCST.2003.1297551","url":null,"abstract":"Web services make the distributed computing based on XML technology possible and are being watched with a new technology to replace the existing distributed computing such as CORBA, Java RMI, and DCOM. One of the issues that needs to be solved to deploy Web services is just Web services security. It is necessary to satisfy the security features like user authentication, confidentiality, integrity, nonrepudiation, and user authorization. We design and implement a system that makes the effective authorization for Web service users possible by using an attribute certificate for Web services.","PeriodicalId":344868,"journal":{"name":"IEEE 37th Annual 2003 International Carnahan Conference onSecurity Technology, 2003. Proceedings.","volume":"68 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2003-10-14","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"122003226","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2003-10-14DOI: 10.1109/CCST.2003.1297547
J. Jen-Rong Chen, An-Pin Chen, R. Wen-Mao Lin
The basic theories for designing digital signatures are factorization or discrete logarithm. Generally, when building an information system, the defense ability of the system is relatively weak if using either discrete logarithm or factorization theories alone. A blind signature scheme allows a person to sign an unknown message from others without knowing the disclosure of the content. It can be widely applied to secret electronic voting, anonymous digital cash systems, database security etc. In view of the high security and efficiency and the need of a mechanism of blind signature in the future informationalized society, it is definitely essential to work out a way to eliminate the negative factors developed while building the system. We follow the main idea mentioned above and provide a novel blind signature scheme.
{"title":"A novel blind signature scheme possessed with dual protections","authors":"J. Jen-Rong Chen, An-Pin Chen, R. Wen-Mao Lin","doi":"10.1109/CCST.2003.1297547","DOIUrl":"https://doi.org/10.1109/CCST.2003.1297547","url":null,"abstract":"The basic theories for designing digital signatures are factorization or discrete logarithm. Generally, when building an information system, the defense ability of the system is relatively weak if using either discrete logarithm or factorization theories alone. A blind signature scheme allows a person to sign an unknown message from others without knowing the disclosure of the content. It can be widely applied to secret electronic voting, anonymous digital cash systems, database security etc. In view of the high security and efficiency and the need of a mechanism of blind signature in the future informationalized society, it is definitely essential to work out a way to eliminate the negative factors developed while building the system. We follow the main idea mentioned above and provide a novel blind signature scheme.","PeriodicalId":344868,"journal":{"name":"IEEE 37th Annual 2003 International Carnahan Conference onSecurity Technology, 2003. Proceedings.","volume":"22 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2003-10-14","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"132076533","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
京公网安备 11010802042870号
京ICP备2023020795号-1
扫码关注我们
求助内容:
应助结果提醒方式: