簡易檢索 / 詳目顯示

回結果列表
研究生: 陳志寧
Chen, Chih-Ning
論文名稱: 應用於台灣偏遠小學之集中式軟體管理與加密方法研究
A Centralized Software Management with Improved Authentication for the Rural Primary Schools in Taiwan
指導教授: 劉育釧
Liu, Yu-Chuan
楊世銘
Yang, Shih-Ming
學位類別: 博士
Doctor
系所名稱: 工學院 - 航空太空工程學系
Department of Aeronautics & Astronautics
論文出版年: 2007
畢業學年度: 95
語文別: 英文
論文頁數: 139
中文關鍵詞: 集中式軟體管理
外文關鍵詞: nation information infrastructure, centralized software management
相關次數: 點閱:51下載:2
分享至:
查詢本校圖書館目錄 查詢臺灣博碩士論文知識加值系統 勘誤回報

    • 在本論文提出了一個網路架構的應用,這個架構是基於1996所建置於全國中小學的校園網路之內。在這個應用中,包含了資料下載伺服功能與使用者個人身份認證功能兩大項目。而在使用者個人端中,則為了要節省管理上的人力,因而被簡化成只安裝作業系統的環境,所有使用者需要用到的應用軟體則被包裝成可以不需要繁複的安裝程序而以自動執行的模式,被存放在伺服器中,以便被下載使用。另外,在這個網路架構中,集中式軟體管理系統控制著這個網路架構,以致於軟體的維護與管理就變成在伺服器上而不是在使用者個人端。在維修經費不充裕的情況之下,這些當年所建購的設施中,不管是軟體或是硬體設施並沒有得到良好的維護與應有的升級。因此,如何在這些屬於過時且低階的設備之下,提供必要的資訊教育環境,就變得非常重要了。在本論文中提出的應用正適用於前面所提的設備,並且具有良好效能。在本論文中顯示,集中式軟體管理的網路結構應用於目前在中小學使用的網路設施上,可以提升目前來說屬於低階的硬體的性能。而在軟體和硬體的維護與管理的人力上,也可以降到最低,並且可以得到更高的安全。
    另外,為了保護整個網路架構而採用的使用者身份認證架構中,在密碼學中的訊息摘要演算法也被發展以便應用於改進密碼認證架構。而為了更高安全性著想,在本論文中設計了性能與架構類似於MD5的MD-160的訊息摘要演算法,以便提供更長的訊息摘要的輸出。因為更長的演算輸出,它可以提供更好的安全性。

    The national information infrastructure project in 1998 aimed at establishing a basic network facility for junior high and primary schools in Taiwan. As in many of the government initiated project, the hardware and software of the network facility once functioning has never been upgraded due to insufficient maintenance funding. Consequently, the facility can not meet the requirements for nowadays application. To provide sustaining educational environment under existing obsolete facility becomes the most important issue. This dissertation proposes an effective and innovation network architecture applicable to the existing network in primary school.
    The network structure consists of a server for data download service, another server for authentication service to provide the confirmation mechanism for client users, and the client, simplified with only operating system, is to download the application softwares in an auto-executable form from the server. A centralized software management governs the network structure such that the software maintenance is operated on the server instead of on the clients. A message digest algorithm, MD5-160, for cryptography is also developed to improve password authentication. The computation performance of MD5-160 is similar to MD5, but provides longer message digest output and hence better security. The network structure installed on present network facility of grade schools shows that the performance of the existing low-end facility can be improved, the maintenance efforts for both hardware and software can also be minimized, and higher security can be achieved.

    ABSTRACT i CONTENTS iii LIST OF TABLE vi LIST OF FIGURE vii NOMENCLATURE ix CHAPTER I INTRODUCTION 1 1.1 Motivation and Objective 1 1.2 Literature Review 2 1.2.1 Information Education 3 1.2.2 Network Architecture 4 1.2.3 Authentication and Security in Local Area Network 5 1.2.4 Message Digest Algorithm 8 1.3 Scope and Outline 10 II CENTRALIZED SOFTWARE MANAGEMENT 12 2.1 Introduction 12 2.2 The Centralized Software Management Architecture 13 2.3 Essential Components 15 2.3.1 Software Package 15 2.3.2 User Interface 18 2.4 Operation Scenario for the Proposed Centralized Software Management 20 2.5 Summary 23 III AN IMPROVED MESSAGE DIGEST ALGORITHM 38 3.1 Introduction 38 3.2 Message Digest Algorithm (MD5) 39 3.3 Development of MD5-X 46 3.3.1 Algorithm of MD5-X 46 3.3.2 Application for “Fingerprint” of MD5-X 52 3.4 Verification of MD5-160 and MD5-192 53 3.5 Summary 57 IV IMPLEMENTATION OF THE CENTRALIZED SOFTWARE MANAGEMENT 76 4.1 Introduction 76 4.2 Current Status in Primary Schools 77 4.3 Implementation 80 4.3.1 Network Architecture Scheme 80 4.3.2 Application Software Package 82 4.3.3 User Interface 84 4.4 Efficiency Improvement 86 4.5 Summary 89 V CONCLUSIONS 108 REFERENCES 113 APPENDIX A SOME EXAMPLES FOR MD5-160 119 APPENDIX B THE CODE OF MD5-160 (VISUAL BASIC 6.0) 120 APPENDIX C THE REGISTER PARAMETERS RECOVERED FOR APPLICATION SOFTWARE OPENOFFICE 137 PUBLICATION LIST 138 VITA 139 LIST OF TABLE Table Page 2-1 The Change of Relative System Architecture 25 2-2 The Change of System Directories Relative to “Adobe Acrobat Reader®.” 26 2-3 The General Operating Function Restriction in Client. 27 2-4 Difference Between Centralized Software Management and NHDS. 28 2-5 Difference Between Centralized Software Management and General Mode.  29 3-1 The Constants in MD5 and MD5-160 Algorithm. 59 3-2 The Difference Among MD5, SHA-1 and RIPEMD-160. 60 3-3 The Comparison of Performance on 850 CPU. 61 3-4 The Value of Parameter s for Circular Left Shift. 62 3-5 The Difference Among MD5 and MD5-160. 63 3-6 The Output of Message Digest. 64 3-7 The Output of Message Digest in Input “godspeed.” 65 3-8 The Output of Message Digest in File Input “OOo_1.1.4_Win32Intel_install.zip.” 66 4-1 The Parameters Setting in Linux Server. 91 4-2 The Scheme for Server and Client in Centralized Software Management.  92 4-3 The Time (Seconds) for Software Package Download. 93 LIST OF FIGURE Figure Page 2-1 The Information Infrastructure Architecture. 30 2-2 The Source Files of Application Software for Installation. 31 2-3 The Application Software for Execution in Client. 32 2-4 The Principle of Software Package. 33 2-5 The Files for Execution in Software Package. 34 2-6 The Request from Client and Response from Server. 35 2-7 The Flow for Request from Client to Server. 36 2-8 The Flow Sheet for Software Download. 37 3-1 Message Digest Generation Using MD5. 67 3-2 Processing Logic of MD5. 68 3-3 MD5 Processing of A Single 512-bit Block. 69 3-4 MD5-X Processing of a Single 512-bit Block (MD5 Compression Function). 70 3-5 MD5-160 Processing of a Single 512-bit Block (MD5 Compression Function). 71 3-6 The Application of “Fingerprint” of Sharing Data in the Network. 72 3-7 The Performance of Message Digest Computation with Different CPU Speed; Solid Line for MD5-192, Dash Line for MD5-160 and Dash-point for MD5. 73 3-8 The Computation Performance of Different Message Digest Output. 74 3-9 The Performance of Message Digest Computation with Different String Length; Solid Line for the Computation of MD5-192, Dash Line for MD5-160 and Dash-point for MD5. 75 4-1 The Usage Ratio of Hard Disc Drive and Main Memory in a Client. 94 4-2 The Usage Ratio of Hard Disc Drive and Main Memory in a Client with Application Software. 95 4-3 Virtual Memory Usage Ratio in General Operating. 96 4-4 The Comparison Among Different Server to Client. 97 4-5 The Source Program of Application Software for Installation. 98 4-6 The Package of Application Software for Auto-execution. 99 4-7 The User Interface Implement in Centralized Software Management. 100 4-8 User Interface for User Authentication. 101 4-9 The Shutdown Function in User Interface. 102 4-10 The Menu List of Some Application Softwares. 103 4-11 The Usage Ratio of Client Installed Only with Operating System under the Centralized Software Management, (a)Hard Disc, (b)CPU, (c)Main Memory, (d)Virtual Memory. 104 4-12 The Usage Ratio of Client Installed with Operating System and “openoffice.org” under the Centralized Software Management, (a)Hard disc, (b)CPU, (c)Main memory, (d)Virtual memory. 105 4-13 The Flow Quantity from Server, (a)During 3-Client Download,(b)During 7-Client Download. 106 4-14 The Efficiency of Server (a)During 3-Client Download, (b)During 7-Client Download.  107

    Abadi, M. and Rogaway, P., “Reconciling Two Views of Cryptography (The Computational Soundness of Formal Encryption),” Journal of Cryptology, Vol. 15, No. 2, 2002, pp.103-127.
    Barchett, L. D., Banerji, A., Tracey, J. M. and Cohn, D. L., “Problems Using MD5 with IPv6,” Performance Evaluation 27-28, 1996, pp. 507-518.
    Becker, H. J. and Ravitz, J. L., “Computer Use by Teachers: Are Cuban’s Predictons Correct?” AERA Annual Meeting, New Mexico, 2001.
    Berson, T. A., “Differential Cryptanalysis Mod 232 with Application to MD5,” Advances in Cryptology, Proc. Eurocrypt’92, Springer Verlag, 1993, pp. 71-80.
    Beumier, C. and Acheroy, M., “Automatic 3D Face Authentication,” Image and Vision Computing, Vol.18, 2000, pp. 315-321.
    Biham, E. and Shamir, A., “Differential Cryptanalysis of DES-like Cryptosystems,” Journal of Cryptology, Vol. 4, No.1, 1991, pp. 3-72.
    Bodmann, S. M., and Robinson, D. H., “Speed and Performance Differences Among Computer-Based and Paper-Pencil Tests,” Journal of Educational Computing Research, Vol. 31, No. 1, 2004, pp. 51-60.
    Boer, B. den and Bosselaers, A., “Collisions for the Compression Function of MD5,” Advances in Cryptology, Proc. Eurocrypt’93, LNCS 765, T. Helleseth, Ed., Springer Verlag, 1994, pp. 293-304.
    Bosselaers, A., Govaerts, R. and Vandewalle, J., “Fast hashing on the Pentium,” Advances in Cryptology, Proceedings Crypto'96, LNCS 1109, N. Koblitz, Ed., Springer-Verlag, 1996, pp. 298-312.
    Brinkerhoff, J. and Koroghlanian, C. M., “Student Computer Skills and Attitudes Toward Internet-Delivered Instruction: An Assessment of Stability Over Time and Place,” Journal of Educational Computing Research, Vol. 32, No. 1, 2005, pp. 27-56.
    Chang, Z. C., Computer Cryptography and Information Security (in Chinese), Unalis Corporation, Taipei, 1989.
    Chien, H. Y. and Jan, J. K., “Improved Authenticated Multiple-Key Agreement Protocol without Using Conventional One-Way Function,” Applied Mathematics and Computation, No. 147, 2004, pp. 491-497.
    Chien, P. Y., “Teacher Stress in Taiwanese Primary Schools,” Journal of Educational Enquiry, Vol. 5, No. 2, 2004, pp. 86-104.
    Chin, G., “Software Protecting in Internet (in Chinese),” PC World, Vol. 52, 2001. Also at http://www.pcworld.com.cn/2000/back_issues/2052/5211c.asp.
    Diffie, W. and Hellman, M., “New Directions in Cryptography,” IEEE IT, Vol. 22, 1976, pp. 644-654.
    Dobbertin, H., Bosselaers, A. and Preneel, B., “The RIPEMD-160 Cryptographic Hash Function,” Dr. Dobb’s Journal, Vol. 22, No. 1, Jan. 1997.
    Dobbertin, H., “RIPEMD with Two-Round Compress Function Is Not Collision-Free,” Journal of Cryptology, Vol. 10, No. 1, 1997, pp. 51-69.
    Dobbertin, H., “Cryptanalysis of MD4,” Journal of Cryptology, Vol. 11, No. 4, 1998, pp. 253-271.
    Downes, T., “Blending Play, Practice and Performance: Children’s Use of the Computer at Home,” Journal of Education Enquiry, Vol. 3, No. 2, 2002, pp. 21-34.
    Drakopoulos, E., “Enterprise Network Planning and Design: Methodology and Application,” Computer Communications, Vol. 22, 1999, pp. 340-352.
    Fan, Network Computer-Introspection after Fervor (in Chinese), 1995. Available at http://www.microsoft.com/taiwan/products/windows/win95/netpc.htm
    Horng, G. B., “Password Authentication without Using a Password Table,” Information Processing Letters, No. l, 55, 1995, pp. 247-250.
    Hsiau, S. N., Technology/Power/Education: The Research for Teaching Meanings and Hidden Influences of Information Technology in Elementary Schools, Ph. D. Dissertation, National University of Tainan, 2004.
    Huang, S. Y., “Education Students’ Perceptions of Computers: A Cross-Cultural Study,” Journal of Educational Computing Research, Vol. 29, No. 4, 2003, pp. 451-469.
    Hwang, R. J., Lai, C. H., and Pen, J. C., “Cryptanalysis of Publicly Verifiable Authenticated Encryption,” National Computer Symposium, 2003, pp. 1396-1397.
    Jefferies, P., Grodzinsky, F. and Griffin, J., “Advantages and Problems in Using Information Communication Technologies to Support the Teaching of a Multi-institutional Computer Ethics Course,” Journal of Education Media, Vol. 28, No. 2-3, 2003, pp. 191-202.
    Jenkins, J. M., “Teaching for Tomorrow: The Changing Role of Teachers in the Connected Classroom,” Open Classroom Conference, 1999.
    Kippen, S., “Teacher Reflection and Theories of Learning Online,” Journal of Education Enquiry, Vol. 4, No. 1, 2003, pp. 19-30.
    Kwon, T. and Song, J., “Efficient and Secure Password-Based Authentication Protocols Against Guessing Attacks,” Computer Communications, Vol. 21, 1998, pp. 853-861.
    Lai, Y. L., Using SoftICE (in Chinese), Posts & Telecommunications Press, Beijing, 2002, pp.225-257.
    Lampson, B., Abadi, M., and Burrows M., “Authentication in Distributed Systems: Theory and Practice,” ACM Transactions on Computer Systems, Vol. 10, No. 4, Nov. 1992, pp. 265-310.
    Lim, C. P. and Barnes, S., “Those Who Can, Teach-The Pivotal Role of the Teacher in the Information and Communication Technologies (ICT) Learning Environment,” Journal of Educational Media, Vol. 27, No. 1-2, 2002, pp. 19-40.
    Lindsay, W. and Mclaren, S., “The Internet: an Aid to Student Research or a Source of Frustration?” Journal of Educational Media, Vol. 25, No. 2, 2000, pp.115-128.
    Liu, X., Chen, T., and Kumar, B. V. K. V., “Face Authentication for Multiple Subjects Using Eigenflow,” Pattern Recognition, Vol. 36, 2003, pp. 313-328.
    Mao, C. Z., Computers in Your Future 3(in Chinese), Gotop Information, Taipei, 2001, pp. 3-14.
    Oorschot, P. C. van and Wiener, M. J., “Parallel Collision Search with Cryptanalytic Applications,” Journal of Cryptology, Vol. 12, No. 1, 1999, pp. 1-28.
    Pirkul, H. and Gupta, R.,”Topological Design of Centralized Computer Networks,” Int. Trans. Opl Res., Vol. 4, No. 1, 1997, pp. 75-83.
    Ralph, C. M., “A Fast Software One-Way Hash Function,” Journal of Cryptology, Vol. 3, 1990, pp. 43-58.
    Renaud, K. and Angeli, A. D., “My Password Is Here! An Investigation into Visuo-Spatial Authentication Mechanisms,” Interacting with Computer, Vol. 16, 2004, pp. 1017-1041.
    Rivest, R. “The MD4 Message-Digest Algorithm,” RFC 1320, MIT LCS and RSA Data Security, Inc., Apr. 1992.
    Rivest, R., “The MD5 Message-Digest Algorithm,” RFC 1321, MIT and RSA Data Security, Inc, Apr. 1992.
    Ruffer, S. M., Yen, D., and Lee, S., “Client/Server Computing Technology: A Framework for Feasibility Analysis and Implementation,” International Journal of Information Management, Vol. 15, No. 2, 1995, pp. 135-150.
    Scheines, R., Leinhardt, G., Smith, J. and Cho, K. S., “Replacing Lecture with Web-Based Course Materials,” Journal of Educational Computing Research, Vol. 32, No. 1, 2005, pp. 1-26.
    Selwyn, N. and Brown, P., “Education, Nation states and the Globalization of Information Networks,” Journal of Education Policy, Vol. 15, No. 6, 2000, pp. 661-682.
    Stables, A., “Learning, Identity and Classroom Dialogue,” Journal of Educational Enquiry, Vol. 4, No. 1, 2003, pp. 1-18.
    Stallings, W., Cryptography and Network Security: Principles and Practices 3rd Edition, Prentice Hall, Upper Saddle River, N.J., Chapter 12, 2003, pp.380-413.
    Stinson, D., Cryptography: Theory and Practice, Chapman & Hall, Boca Raton, 2002, Chapter 4, pp.117-149.
    Sung, Z., Mimaxue (in Chinese), Multi-Channel, Beijing, 2002, pp. 136-151.
    Tanenbaum, A. S., Distributed Operating Systems, Prentice Hall, Englewood Cliffs, N.J., 1999, pp. 1-39.
    Tsai, M. J., “Do Male Students Often Perform Better Than Female Students When Learning Computers?: A Study of Taiwanese Eighth Graders’ Computer Education Through Strategic and Cooperative Learning,” Journal of Educational Computing Research, Vol. 26, No. 1, 2002, pp. 67-85.
    Tsai, M. J. and Tsai C. C., “Student Computer Achievement, Attitude, and Anxiety: The Role of Learning Strategies,” Journal of Educational Computing Research, Vol. 28, No. 1, 2003, pp. 47-61.
    Touch, J. D., “Performance Analysis of MD5,” ACM SIGCOMM Computer Communication Review, Vol. 25, Issue 4, Oct. 1995, pp. 77-86.
    Wang, Z. M., Linux Fedora Code 2 (in Chinese), King Information, Taipei, 2004, pp.1-2-1-4.
    Wasserman, E. and Millgram, Y., “Changes in the Approaches of Teachers Following Computerization of Schools,” Journal of Educational Computing Research, Vol. 32, No. 3, 2005, pp. 241-264.
    Wei, D., “Efficiency Comparison of the Most Commonly Used Cryptographic Algorithm”, 2004. http://www.eskimo.com/~weidai/benchmarks.html
    Wu, T. C. and Sung, H. S., “Authenticating Passwords Over an Insecure Channel,” Computer and Security, Vol. 15, No. 5, 1996, pp. 431-439.
    Wu, T. H., A Solution of Software Protection for Application Service Provider, thesis for master’s degree, Department of Computer Science and Information Engineering, Tung-Hai University, 2001.
    Yeh, H. T. and Sun, H. M., “Password-Based User Authentication and Key Distribution Protocols for Client-Server Applications,” The Journal of System and Software, No. 72, 2004, pp. 97-103.
    Zhang, F. G. and Kim, K. G., “Cryptanalysis of Lee-Hwang-Li’s Key Authentication Scheme,” Applied Mathematics and Computer, No. 161, 2005, pp. 101-107.
    Zilker, M. and Heimann, P., “High-Speed Data Acquisition with the Solaris and Linux Operating Systems,” Fusion Engineering and Design, Vol. 48, 2000, pp. 193-197.

    下載圖示 校內:2008-02-01公開
    校外:2010-02-01公開
    QR CODE