节点文献
多级网络证书认证系统技术研究
The Study on Certificate Authentication Technology Based on the Multilevel Network
【作者】 王新文;
【导师】 王景中;
【作者基本信息】 北方工业大学 , 计算机应用技术, 2008, 硕士
【摘要】 本论文在安全管理平台的基础上,为安全管理平台中的工作人员构建一个证书认证系统,提供身份认证,数据安全传输,不可否认性,完整性等安全服务,形成一个可信任的安全环境,从而解决了安全管理平台面临的安全问题。论文首先对密码学中对称密钥密码算法、非对称密钥密码算法和散列函数等理论进行了研究,然后在密码学知识的基础之上深入了解了PKI(公开密钥基础设施)的相关理论和技术构架,最后结合具体项目将理论和实践相结合,完成了一种基于PKI技术的多级网络证书认证系统的设计方案。论文使用SSL技术实现了SSLSocket块,通过这个模块对所有的外部通信采用加密通信,保证信息安全;依托成熟的CA证书体系,采用国家密码委员会认可的加密技术和CA技术;CA采用层次式CA认证结构,方便系统的扩充和系统效率的提高;系统的设计采用模块化结构,方便以后系统功能的扩充。论文的在证书认证领域,对证书的申请、证书的审核、证书的签发、证书的撤销、证书的查询和证书废止列表(CRL)等功能,以及证书的应用如:签名,加密,信息摘要等进行了深入研究,从而使该论文具有较好的实用价值和应用前景。
【Abstract】 This thesis based on the secure management flat,design an certificate authentication system for the workers of the secure management flat,which provides secure services such as identity authentication,data secure transmission,non_denied,integrality.Though these services, we realize an trusty environment to solve the secure problem which the secure management flat falls across.At first,this thesis studies the theories of conventional encryption algorithms,public key cryptography and hash function.Then,it fully comprehends PKI theory and technology structure thoroughly based on encryption knowledge.Then,author studies and practices the design scheme of certificate authentication system based on multilevel network and the PKI.This thesis realized the SSLSocket modal with SSL technology,through which all external communication is encrypted to ensure information security;it,based on mature CA system, adopt encryption technology and CA technology recognized by country encryption committee.CA adopt level CA authentication structure to be convenient in system extension and improvement of system efficiency,the design use model structure to be convenient to extend the function of the system.The final fruit of the study is to realize the author realize the below functions such as certificate application、certificate auditing、certificate issue、certificate revoking、certificate query and certificate CRL,also to provide certificate application such as signature、encryption、and information digest.It possesses better applied value and application foreground.
【Key words】 Public Key Infrastructure; Certificate Authority; Asymmetric Encryption; Digital Certificate; Signature;
- 【网络出版投稿人】 北方工业大学 【网络出版年期】2008年 09期
- 【分类号】TP393.08
- 【下载频次】61