总收发与外收发.pptVIP

Chap 19Electronic Document Outline Document Interchange Requirements for delivery Security Mechanisms Client Security Requirements Document Interchange Security Mechanism and Security Service Requirements for delivery Must confirm the identification of the originator and the validity of the document. Keep documents and attachments integrated. Documents must be delivered in private and be true to deliver. Threats for delivery Disclosure of documents Forged documents Modified documents Loss or miss Repudiation Not signed by receptor Unauthorized documents Not use delivered paths Security Mechanisms(1/3) Confidentiality encryption Authentication Digital Signature Integrity Collision-free one-way hash function Access Control encryption Security Mechanisms(2/3) Security Mechanisms(3/3) Non-repudiation Authorization or Permission Accountability Auditability Log file Availability Usability Client Security Requirements Program protection Confidentiality protection for data in smart card Digital Signature procedure Group-Oriented Digital Signature Multisignature Group Signature Key recovery Break attack prevention Firewall system Backup system Multisignature In RAS, up , Nu : User public key us : User private key sp , Ns : Server public key Group Signature(1/2) In ElGamal, a generator g and a large prime p user public key up=gusMod P and private key us server public key sp=gssMod P and private key ss common public key Y=up*sp Mod P Group Signature(2/2) Security Assessment * ? ? ? 送達或付郵 總收發與外收發 ? ? ? 掛號收據或回執 ? 簽收 外收發與總收發 ? ? 檢驗封口點收 回執蓋戳﹑登記簽收 安全需求 來源鑑別 存取控制 機密性 完整性 存證 步驟 發 ? ?  文 編號、登記 ? ? ? 核對 編號登記 封發 ? 封固、加外封 封固、加外封 封固 登記 總收發轉交外收發 總收發與外收發 ? ? ? 登記 簽收 收  文 外收發轉交總收發 外收發與總收發 ? ? ? 登記 簽收 拆驗 ? 拆封 拆封、轉交 點驗 編號登記 電子公文解決機密性、存取控制、可驗證發文端及完整性示意圖 Signature Procedure : M : Signed document 1. Sig1=Mus Mod Nu