New Key Insulated Signature Scheme : Mitigate the Damage of Key Exposure in Mobile Agents

This paper brings up a design of XML-based workflow engine and gives an implementation of a web-based workflow management system. Workflow is the automation of business procedures and workflow engine is the key part to carry out the system. Workflow engine can supply the conditions needed for executing a workflow process. This paper focuses on the workflow description language[1,5]-X-WPDL (XML-based Workflow Process Definition Language) that we designed and the implementation of the engine. All of the workflow processes that our engine operates are all described by X-WPDL. The engine translates the workflow process into an execution sequence that is consist of events or activities, then loads it in and drives it to run. The engine also offers an interface for the manager and participants for interaction. The application case will show that our implementation of this engine and the whole system is capable of processing workflow.

[1]  Matthew K. Franklin,et al.  Identity-Based Encryption from the Weil Pairing , 2001, CRYPTO.

[2]  David Chaum,et al.  Multiparty unconditionally secure protocols , 1988, STOC '88.

[3]  Yuan Zhou,et al.  Identity Based Key Insulated Signature , 2006, ISPEC.

[4]  Xiaobin Li,et al.  The Research of Mobile Agent Security , 2003, GCC.

[5]  Shouhuai Xu,et al.  Key-Insulated Public Key Cryptosystems , 2002, EUROCRYPT.

[6]  Claudia Raibulet,et al.  Mobile agent technology for the management of distributed systems - a case study , 2000, Comput. Networks.

[7]  Fritz Hohl,et al.  Time Limited Blackbox Security: Protecting Mobile Agents From Malicious Hosts , 1998, Mobile Agents and Security.

[8]  Mihir Bellare,et al.  Random oracles are practical: a paradigm for designing efficient protocols , 1993, CCS '93.

[9]  Silvio Micali,et al.  A Digital Signature Scheme Secure Against Adaptive Chosen-Message Attacks , 1988, SIAM J. Comput..

[10]  Sang-Ho Lee,et al.  A Secure Mobile Agent System Using Multi-signature Scheme in Electronic Commerce , 2003, Human.Society@Internet 2003.

[11]  Paolo Bellavista,et al.  Middleware services for interoperability in open mobile agent systems , 2001, Microprocess. Microsystems.

[12]  Andrew Chi-Chih Yao,et al.  How to generate and exchange secrets , 1986, 27th Annual Symposium on Foundations of Computer Science (sfcs 1986).

[13]  Peng Liu,et al.  Trust-based secure information sharing between federal government agencies , 2005, J. Assoc. Inf. Sci. Technol..

[14]  Ilyong Chung,et al.  A Secure Mobile Agent System Applying Identity-Based Digital Signature Scheme , 2002, EurAsia-ICT.

[15]  Reihaneh Safavi-Naini,et al.  An Efficient Signature Scheme from Bilinear Pairings and Its Applications , 2004, Public Key Cryptography.

[16]  Ravi S. Sandhu,et al.  Role-Based Access Control Models , 1996, Computer.

[17]  Shi Mei WFMS:WORKFLOW MANAGEMENT SYSTEM , 1999 .

[18]  Zhang Suqin Design of Workflow Engine Based on Web , 2004 .

[19]  Gian Pietro Picco,et al.  Mobile agents: an introduction , 2001, Microprocess. Microsystems.

[20]  Nicolás González-Deleito,et al.  A New Key-Insulated Signature Scheme , 2004, ICICS.

[21]  Chris J. Mitchell,et al.  A Proposed Architecture for Trusted Third Party Services , 1995, Cryptography: Policy and Algorithms.

[22]  M. Kasahara,et al.  A New Traitor Tracing , 2002, IEICE Trans. Fundam. Electron. Commun. Comput. Sci..

[23]  Shouhuai Xu,et al.  Strong Key-Insulated Signature Schemes , 2003, Public Key Cryptography.

[24]  Victor Shoup,et al.  OAEP Reconsidered , 2002, Journal of Cryptology.