在普適計算環境(Pervasive computing environments,簡稱PCEs)的安全研究中,大部份是以討論與通訊安全相關的議題為主,如資料的隱密性、完整性或鑑別性。然而,隨著個人資料外洩所帶來的風險,使用者的隱私逐漸獲得重視,因此,如何在保有安全通訊的情況下,同時又能保障使用者的隱私,已成為普適計算研究的另一個重要議題。近年來,已有不少學者投入這方面的研究,也讓普適計算的安全機能又向前邁進。加入使用者隱私後,也衍生一個新的挑戰,就是在普適計算環境的服務提供者如何在匿名的前題下,對存取服務的使用者進行計費作業?本論文,我們考量個人隱私、通訊安全及計費機制等功能,提出了一個適於普適計算環境中存取服務的方法,此外,為了對服務資源的有效安全管理,我們兼顧使用者的存取控制管理。我們的技術也考慮使用者漫遊跨網存取服務的情境,最後,我們利用BAN-Logic來證明使用者與服務提供者在通訊過程時,能達成鑑別效果及其所建立的會議金鑰(session key)之正確性。 Communication security is widely discussed in pervasive computing environments (PCEs), such as data confidentiality, integrity and authentication. However, due to the risk of leakage of individual data, people increasingly paid attention to user''s privacy. It preserving user’s privacy also is an important issue of PCEs. There are many researchers devote themselves to improve the security of PCEs. But it comes with a new challenge when user''s privacy is taken into account. That is how do service providers of PCEs provide services and charge to anonymous user. This thesis takes personal privacy, communication security and accounting mechanism into consideration to propose a protocol good for accessing services in PCEs. We consider the user access control to utilize the service resource efficiently. Also, our protocol provides services to roaming users. In addition, we verify correctness of the session key used in communication between the user and service provider based on BAN Logic.
