| As the offspring of the grid technology combined with the advanced manufacture technology, the manufacturing grid is a distributed and heterogeneous platform based on wide area networks. It is different from both generic networks and the networked manufacturing systems, due to possessing various characteristics, such as distributed characteristics, heterogeneity, sharing, cooperativity, and so on. Therefore, it has special requests for information security technologies. Not only will the manufacturing grids be confronted with usual information security questions in internet, such as confidentiality, integrality, authenticity, non-repudiation, identity authentication, access control, intrusion detection , but also, the manufacturing grid systems possess inherent characteristics, such as multi-agent, cooperativity, intercommunity, flexibility, etc., lead to some contradictions and conflicts between keeping these characteristics and assureing information security. Therefore, there are urgent demands to explore the security trust model of the manufacturing grid, to research the key agreement methods among multi-entities that are distributed, heterogeneous, and dynamic change, to search special digital signature algorithms, which are applicable to the manufacturing grid systems.In this doctoral dissertation, the security features and the security requirements of the manufacturing grid systems are analyzed, and the information security issues of the manufacturing grids are researched by making use of the advanced cryptography theory and information security technologies. The main research results are as follows:The key factors that influence the trusting relationship establishment among manufacturing grid nodes are analyzed. A new manufacturing grid security trust model is proposed, and the concept of trust is established on the foundation of node's identity trustworthiness and behavior trustworthiness, computing power, unit server cost, previous work success rate, intrusion detection and resistance capability. An integration evaluation algorithm is proposed based on fuzzy integration judgment theory. By making use of the algorithm, the trustworthiness among nodes can be evaluated comprehensively and quantitatively. Therefore, the thorny problem on the trusting relationship establishment among nodes can be solved.The multi-party key agreement methods are researched, in which, multi-entities are distributed, heterogeneous, dynamic change, and belong to different trust domains. Two new key agreement protocols that are applicable to manufacturing grid systems are proposed based on elliptic curve cryptosystem. The protocol I is an ID-based authenticated multi-party keys agreement protocol. Contrasting with previous schemes, our protocol I provides mutual authentication approach for grid nodes that belong to different trust domains, also, it does not require special hash functions, which effectively solves the problem that exists in almost all existing ID-based key agreement protocols in which a trusted PKG and special hash functions must be need to provide identity authenticity. The protocol II employs shared password evolvement authentication mechanism, which generates a one-time password for every session. The protocol II not only provides end-to-end authenticity and confidentiality, but also saves network bandwidth and computational overhead.A content extraction signature scheme and an ID-based universal designated-verifier signature scheme for distributed collaborative design are proposed based on elliptic curve cryptosystem. A digital multi-signature scheme is proposed based on the intractability of computing quadratic residues in finite fields. These schemes provide the functionality to ensure both the information sharing, cooperativity, openness, and confidentiality, authenticity, integrity, non-repudiation. Not only these schemes provide the flexibility for entities teamwork, but also satisfy the special security requires of the manufacturing grid users, which provide effectively solutions for message authentication and entity authentication in the manufacturing grid systems. A new delegation-by-certificate proxy signature scheme and a new ID-based proxy signature scheme are proposed based on the intractability of computing discrete logarithm in finite fields, which provide effectively solution for secure authorization entrusting and Single-Sign-On in manufacturing grid systems.An architecture framework and a security solution architecture model for Guanzhong region manufacturing grid are constructed based on Guanzhong region networked manufacturing integrated platform. A workable and valuable information security solution model is presented for the implementation of Guanzhong region manufacturing grid system.
|
PDF Full Text Request