【作者】 栾燕；

【导师】 张继荣； 肖立贤；

【作者基本信息】 湖南大学 ， 软件工程， 2007， 硕士

【摘要】 随着计算机网络应用的普及和电子商务的发展,互联网已经成为了人们生活的一部分,由于网络的开放性,如何保障网络上信息交互的安全性,如何解决可信问题以及用户身份认证、授权问题已经成为人们关心的话题和各国政府、企业关注和研究的重要课题。公钥基础设施(Public Key Infrastructure,PKI)是目前公认的保障网络社会安全的最佳体系。PKI是基于公开密钥理论和技术建立起来的安全体系,是提供信息安全服务的具有普适性的安全基础设施。PKI作为国家信息化的基础设施,是相关技术、应用、组织、规范和法律法规的总和。PKI的核心是要解决信息网络空间中的信任问题,确定信息网络空间中各种经济、军事和管理行为主体身份的唯一性、真实性和合法性,保护信息网络空间中各种主体的安全利益。公钥密码系统所支持的安全机制包括机密性,完整性,授权和认证。但是,这些安全机制必须通过仔细规划基础设施来管理。公开密钥基础设施是各种应用程序、系统和网络安全的基础,是全局安全策略的基础。本论文的主要研究工作包括;1)在对传统PKI认证模型分析的基础上,介绍了一种新型的PKI安全认证模型的框架结构。并结合现有的国家政府体系,分析研究了适合于政府体系现状的PKI安全认证模型。2)介绍了一种网格环境下基于PKI的CA单向和双向认证方法,为CA认证提供了一种优越的可信途径,防止因为认证过于繁琐而产生的各种问题,并介绍了两个针对单向和双向认证的实例。3)给出了一种PKI在网络环境下的实际应用即文件加密平台和文件加密锁的研究开发。更多还原

【Abstract】 With the popularization and development of e-commerce of network application of the computer, Internet has already become very important in people’s life. With the opening of network, how to ensure the security of mutual information, how to solve the trust and user’s identity authentication , the question of authorize become the topic that people care about and important subject which the government, enterprise of various countries pay close attention to and study.Public Key Infrastructure is the best system of the present guarantee network social safety. PKI can solve most security problems, and has formed a set of intact solutions tentatively, it establishes the system of security that stands up public key theory and technology, general and right security infrastructure offered information security service, such as the whole development strategies of the E-government, e-commerce and national informationization, etc. PKI, as the infrastructure of the national informationization, is the total of relevant technology, using, organizing, standardizing and laws and regulations. The core of PKI is to solve the trust problem in the information cyberspace, confirm various kinds of economy , military and only , authenticity and legitimacy of the identity of administration behavior subject (include organizations and individuals) in information cyberspace, protect the security interests of different subjects in information cyberspace.Public key cryptography supports security mechanisms such as confidentiality, integrity, authentication, and non-repudiation. However, to successfully implement these security mechanisms, these security mechanisms must be managed by carefully plan an infrastructure. A public key infrastructure (PKI) is a foundation on which other applications, system, and network security components are built. A PKI is an essential component of an overall security strategy that must work in concert with other security mechanisms, business practices, and risk management efforts.The main innovative achievements are described as follows:1) A new PKI secure Certification model is presented with emphasis on the architecture of the PKI secure certification model, based on analyzing the normal PKI Certification model. It provides a new valuable way of the construction of the national-level PKI secure certification model in the open networks. 2) A new CA unilateral certification and Bidirectional Certification based on PKI are present on the Grid environment. It can provide a good trusted way to avoiding various problems caused by a lot of certifications.3) The research of PKI Secure Certification Model and Application on the Internet Environment, Design and Develop of Lock of File Encrypting Based on public Key Infrastructrue.更多还原