On Secure Online Services over the Internet with Network Address Translators

• Main Authors: Fu-Shen Ho, 何福軒
• Other Authors: Shiuhpyng Shieh
• Format: Others
• Language: en_US
• Published: 2003
• Online Access: http://ndltd.ncl.edu.tw/handle/77443577856708479489

博士 === 國立交通大學 === 資訊工程系 === 91 === In this dissertation, we discuss the issues and propose solutions when deploying secure online services over the Internet with network address translators (NAT). In general, deployment of a secure online service can consist of following steps: probing of services, registration, authentication, payment, content delivery and settlement. We first discuss the pros and cons of NAT from the network layering perspective. Then, to cope with the issues raised by NAT, we propose a service probing and channel establishment protocol that can be deployed across multiple network address realms. After that, customers and service providers have to authenticate each other for further interactions. As an example of efficient authentication mechanism between two parties, we present an ID-based proxy authentication system that leverages the management strength of Public Key Infrastructure (PKI) while inherits the simplicity of a traditional ID-based protocol. Next, we present our payment and settlement models that enables current payment systems to handle transactions involving multiple participants. As the last step, we present two key distribution schemes for content delivery in the conditional access systems of Video-on-Demand (VoD) networks that improve the efficiency of key updates.