【作者】 巩晶；

【导师】 郭庆平；

【作者基本信息】 武汉理工大学 ， 计算机应用技术， 2002， 硕士

【摘要】 随着Internet的飞速发展，诸如电子商务、电子政务、自动化办公等数字化应用正在世界范围内迅速崛起，人们的生产、生活方式正发生着深刻地变革。但伴随着网络应用的迅速发展，网络的安全问题也日益突现出来，严重制约着Internet及其相关网络应用的进一步发展。 Web本质上就是运行在Internet上的客户机／服务器应用程序。Internet上的各种网络应用几乎全部以Web的形式出现。由于Internet是一个开放的环境，各种信息将通过公共网络进行传输，因此保障Web系统安全的关键性问题之一在于保证信息的传输安全。本论文即为相关研究工作的总结。 针对Web系统中信息传输所面临的安全威胁，本论文提出了一种基于安全信道的信息传输方案，并详细阐述了该机制的设计、实现和调配的全过程。该安全信道通过综合运用X.509证书、密钥交换协议、对称密码算法和消息摘要等安全技术，保证了通信消息的机密性与完整性。整个安全信道建立在应用层上，使得该机制灵活高效，能针对不同文件的具体要求提供不同的安全服务。整个系统，无论服务端或客户端，全都采用Java技术实现。这使得系统可以提供真正的跨平台的系统集成服务，不仅有利于该机制与现有的Web系统整合，方便用户的应用，也有利于系统日后的扩展和维护，体现了Web技术的最新发展动向。 通过对安全信道的分析论证，该安全机制结构严谨，能有效抵御各种常见的安全攻击，具有较强的安全性能。由于该安全信道采用了最新推出的高级数据加密标准AES，使得该机制具有较高的起点，能在很长一段时期内提供可靠的安全保护。 理论和实践证明，通过使用安全信道，可以有效解决Web系统的信息传输安全问题，解除用户对于信息安全的顾虑，从而使得网络应用可以得到更快、更好的发展。该项研究为解决Web的安全问题进行了一个有益的探讨，其成果给出了一种新的Web安全问题的解决方案，有着切实的应用与发展前景。更多还原

【Abstract】 A number of the digital applications, such as E-business, OA, etc, are growing up in the global range along with rapid progress of Internet. The mode of life is also changing very profound. However, the status of the network security is becoming worse at the same time. Furthermore, the security problems restrict the farther development of the Internet.The Web is actually a giant client-server system in the Internet. Almost all the network application in the Internet present itself as the form of Web. Security of the information transmission is a key issue among others, since Internet is an open network. This thesis reflects my researches on this topic.According to some kinds of existed attacking methods that are aimed at the Web system, we propose a new scheme, which transmits the information through the security channel. The scheme is described in detail in the thesis. In order to ensure the secret and integrity of transmission, we synthetically use some security technologies, including X.509 certificate, the key exchange protocol, encryption and message digest. The security channel is built on the application layer. It can provide different services according to different request. The whole system is implemented with Java, so it can offer the true cross-platform systems solutions. Not only it can be easily incorporated into the exited Web system, but also it can easily maintain in the future. This programming style is the trend of developing Web system.The analytical results indicate that the security channel has the compact structure and the best security. It can resist exited diversified security attacks. Since Advanced Encryption Standard is adopted, the security channel has a very good security. This mechanism will be effective in a long time.With the security channel, the problem of information transmission in the Web System can be well resolved; thus the network application will develop more quickly than today. In short, we propose a new scheme for resolving the problem of security. This scheme can be put into practice and it has a broad prospect.更多还原