基于SDN的电邮抵赖源头抑制方法

doi:10.11959/j.issn.1000-436x.2016178

摘要/Abstract

摘要：

受制于现有互联网体系可管控性的丧失，以签收电邮为代表的安全电邮技术仅能对电邮抵赖进行事后检测而无法实施源头抑制。基于SDN（software-defined networking）控制与数据相分离的思想，通过将定制的抵赖抑制单元旁路附加到传统电邮模型之上，提出一种不破坏现有电邮结构的电邮抵赖源头抑制方法。在给出抵赖抑制单元内嵌的电邮证据绑定协议、抵赖行为检测算法、签收信度评估模型和抑制策略形成算法后，对所提方法在4 种交叉场景中进行了有效性测试。实验结果表明，在与当前电邮系统兼容共生的前提下，所提方法能够对电邮抵赖实施有效的源头抑制。

关键词: 电邮抵赖, 源头抑制, SDN, 签收电邮

Abstract:

With the limitation of controllability of the existing Internet architecture,the existing secure e-mail technology such as certified e-mail can only post detection but cannot source restraining on e-mail repudiation.Based on the idea of control and data separation of software-defined networking technology,by means of bypass attaching customized repudiation restrain unit to the traditional e-mail model.An e-mail repudiation source restraining method was proposed without destroying the existing e-mail structure.After presenting e-mail evidence binding protocol,repudiation behavior detection algorithm,certified reputation evaluation model,and repudiation restraining strategy formation algorithm embedded in repudiation restrain unit,the effectiveness were tested of the proposed method in 4 cross scenarios.The experimental results show that,under the premise of compatibility with the current e-mail system,the method can source restrain e-mail repudiation effectively.

Key words: e-mail repudiation, source restraining, SDN, certified e-mail

韩志耕,冯霞,陈耿. 基于SDN的电邮抵赖源头抑制方法[J]. 通信学报, 2016, 37(9): 55-67.

Zhi-geng HAN,Xia FENG,Geng CHEN. SDN based e-mail repudiation source restraining method[J]. Journal on Communications, 2016, 37(9): 55-67.

图/表 13

图1

图2

图3

图4

图5

图6

图7

表1

图8

表2

图9

表3

表4

参考文献 24

[1]	WELLS T M , DENNIS A R . To e-mail or not to e-mail:the impact of media on psychophysiological responses and emotional content in utilitarian and romantic communication[J]. Computers in Human Behavior, 2016,54: 1-9.
[2]	TAUBER A . A survey of certified mail systems provided on the Internet[J]. Computers & Security, 2011,30: 464-485.
[3]	FERRER-GOMILLA J L , ONIEVA J A , PAYERAS M ,et al. Certified electronic mail:properties revisited[J]. Computers & Security, 2010,29(2): 167-179.
[4]	KIM H , FEAMSTER N . Improving network management with software defined networking[J]. IEEE Communications Magazine, 2013,51(2): 114-119.
[5]	ALI S T , SIVARAMAN V , RADFORD A ,et al. A survey of securing networks using software defined networking[J]. IEEE Transactions on Reliability, 2015,64(3): 1086-1097.
[6]	BECHTOLD S , PERRIG A . Accountability in future Internet architectures[J]. Communications of the ACM, 2014,57(9): 21-23.
[7]	WANG Y , SUSILO W , AU MH ,et al. Collusion-resistance in optimistic fair exchange[J]. IEEE Transactions on Information Forensics and Security, 2014,9(8): 1227-1239.
[8]	ONIEVA J A , ZHOU J , LOPEZ J . Enhancing certified e-mail service for timeliness and multicast[C]// 2004 International Network Conference. Plymouth,UK, 2004: 327-336.
[9]	MICALI S , . Simple and fast optimistic protocols for fair electronic exchange[C]// The twenty-second annual symposium on Principles of distributed computing. Boston,USA, 2003: 12-19.
[10]	SHAO MH , WANG G , ZHOU J . Some common attacks against certified e-mail protocols and the countermeasures[J]. Computer Communications, 2006,29(15): 2759-2769.
[11]	PAYERAS-CAPELLà M M , MUT-PUIGSERVER M , FERRER-GOMILA J L ,et al. No author based selective receipt in an efficient certified e-mail protocol[C]// 2009 17th Euromicro International Conference on Parallel,Distributed and Network-based Processing. Weimar, 2009: 387-392.
[12]	PUIGSERVER M M , GOMILA J L F , ROTGER L H . Certified electronic mail protocol resistant to a minority of malicious third parties[C]// Nineteenth Annual Joint Conference of the IEEE Computer and Communications Societies (IEEE INFOCOM 2000). 2000: 1401-1405.
[13]	ATENIESE G , MEDEIROS BD , GOODRICH MT . TRICERT:a distributed certified e-mail schemes[C]// 2001 Network and Distributed System Security Symposium. San Diego,USA, 2001.
[14]	ZHOU J , ONIEVA J , LOPEZ J . Optimized multi-party certified e-mail protocols[J]. Information Management & Computer Security, 2005,13(5): 350-366.
[15]	WANG C , LAN C , NIU S ,et al. An ID-based certified e-mail protocol with STTP suitable for wireless mobile environments[J]. Journal of Computers, 2013,8(1): 3-9.
[16]	TAUBER A , APITZSCH J , BOLDRIN L . An interoperability standard for certified mail systems[J]. Computer Standards & Interfaces, 2012,34: 452-466.
[17]	TAUBER A , KUSTOR P , KARNING B . Cross-border certified electronic mailing:a European perspective[J]. Computer Law & Security Review, 2013,29(1): 28-39.
[18]	DRAPER-GIL G , FERRER-GOMILA JL , HINAREJOS MF ,et al. An optimistic certified e-mail protocol for the current Internet e-mail architecture[C]// 2014 IEEE Conference on Communications and Network Security(CNS). San Francisco, 2014: 382-390.
[19]	PAULIN A , WELZER T . A universal system for fair non-repudiable certified e-mail without a trusted third party[J]. Computers & Security, 2013,32: 207-218.
[20]	LARA A , KOLASANI A , Ramamurthy B . Network innovation using OpenFlow:a survey[J]. IEEE Communications Surveys & Tutorials, 2014,16(1): 493-512.
[21]	KREUTZ D , RAMOS F M V , VERISSIMO P E ,et al. Softwaredefined networking:A comprehensive survey[J]. Proceedings of the IEEE, 2015,103(1): 14-76.
[22]	SYVERSON P , VANOORSCHOT P C . A unified cryptographic protocol logic[R]. Technical Report,NRL Publication 5540-227,Naval Research Lab, 1996.
[23]	HENDRIKX F , BUBENDORFER K , CHARD R . Reputation systems:A survey and taxonomy[J]. Journal of Parallel and Distributed Computing, 2015,75: 184-197.
[24]	SRIVATSA M , XIONG L , LIU L . TrustGuard:countering vulnerabilities in reputation management for decentralized overlay networks[C]// The 14th international conference on World Wide Web (WWW2005). Chiba,Japan, 2005.

类型	无共谋无诽谤	无共谋有诽谤	有共谋无诽谤	有共谋有诽谤	均值
发送抵赖	0.250 0↘0.020 0	0.250 0↘0.019 0	0.250 0↘0.020 2	0.225 0↘0.019 6	0.243 8↘0.019 7
接收抵赖	0.233 3↘0.020 1	0.200 0↘0.019 0	0.177 3↘0.020 4	0.250 0↘0.020 2	0.215 2↘0.019 9
收发抵赖	0.016 7↘0	0.023 1↘0	0.010 0↘0	0.005 6↘0	0.013 9↘0
无抵赖	0.616 7↗0.957 7	0.610 0↗0.957 5	0.630 0↗0.957 2	0.625 0↗0.957 2	0.620 4↗0.957 4

类型	无共谋无诽谤		无共谋有诽谤		有共谋无诽谤		有共谋有诽谤		平均
类型	区间	均值	区间	均值	区间	均值	区间	均值	平均
抵赖查全率	0.025 6,0.812 5]	0.434 8	0.052 6,0.720 9]	0.334 8	0.052 6,0.766 7]	0.434 9	0.050 0,0.625 0]	0.287 4	0.373 0
抵赖查准率	0.875 0,1]	0.998 1	0.818 2,1 ]	0.999 6	0.702 7,1]	0.999 1	0.947 4,1 ]	0.999 9	0.999 2
调和平均值	0.050 0,0.896 6]	0.592 5	0.100 0,0.837 8]	0.490 1	0.095 2,0.867 9]	0.587 8	0.095 2,0.769 2]	0.435 0	0.526 4

抵赖抑制类别			无共谋无诽谤下交互总量					无共谋有诽谤下交互总量
抵赖抑制类别		100	500	1 000	2 000	10 000	100	500	1 000	2 000	10 000
	本文	0.380 0	0.250 0	0.185 0	0.108 5	0.022 1	0.270 0	0.256 0	0.184 0	0.104 0	0.021 2
源头抑制
	签邮	0.000	0.000	0.000	0.000	0.000	0.000	0.000	0.000	0.000	0.000
	本文	0.020 0	0.022 0	0.015 0	0.003 5	0.001 2	0.050 0	0.012 0	0.007 0	0.006 0	0.000 1
事后抑制
	签邮	0.400 0	0.272 0	0.200 0	0.112 0	0.023 3	0.320 0	0.268 0	0.191 0	0.110 0	0.021 3
本文源头/签邮事后		95.00%	91.91%	92.5%	96.88%	94.85%	84.38%	95.52%	96.34%	94.55%	99.53%

抵赖抑制类别		有共谋无诽谤下交互总量					有共谋有诽谤下交互总量
抵赖抑制类别		100	500	1 000	2 000	10 000	100	500	1 000	2 000	10 000
	本文	0.290 0	0.232 0	0.180 0	0.106 0	0.021 7	0.240 0	0.260 0	0.176 0	0.109 0	0.021 9
源头抑制
	签邮	0.000	0.000	0.000	0.000	0.000	0.000	0.000	0.000	0.000	0.000
	本文	0.120 0	0.034 0	0.004 0	0.003 0	0.000 2	0.050 0	0.026 0	0.011 0	0.002 5	0.000 2
事后抑制
	签邮	0.410 0	0.266 0	0.184 0	0.109 0	0.021 9	0.290 0	0.286 0	0.187 0	0.111 5	0.022 1
本文源头/签邮事后		70.73%	87.22%	97.83%	97.25%	99.09%	82.76%	90.91%	94.12%	97.76%	99.10%