| Summary: | Aiming at the requirement of the safe transmission of authentication credentials and the privacy preserving in service orientied multi-domain collaboration environment, a privacy-preserving authentication protocol for service invocation based on the provable secure certificateless aggregate signcryption scheme was proposed. By the path of the service invocation, the authentication information has been signcrypted successively, ensuring that the service providers can dynamically and orderly join in the process of service invocation authentication. The credentials and shared information can be safely transmitted respectively by the aggregate signcryption scheme and Diffie-Hellman algorithm, thus the SOAP message only can be decoded by specified acceptor, which is suitable for controlling the disclosure scope of the privacy information. Simultaneously, the public verifiability of CLASC can ensure that the validity of the aggregate signcryption can be verified by other service providers. The length of the SOAP message is shorter than existed protocols, which improve the transfer efficiency.
|
|---|