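Research on PKI-Based Network Information Security for Office Automation
【Author】 Chen Yujie (陈雨婕);
【Supervisor】 Hua Jixue (华继学);
【Author information】 East China Normal University, Software Engineering, 2008, Master's thesis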
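【Summary】 With the wide application of computer network and communication technologies in e-government and e-commerce, office automation provides a scientific basis for management and decision-making in enterprises and government. Information security and confidentiality, however, remain a constant concern. As a special application area of information networks, an office automation system carries a large volume of data and information that needs protection and has its own particular characteristics; if its security is compromised, leading to security incidents such as the exposure or loss of sensitive information or attacks on the network, the consequences can be serious. How to guarantee the timeliness, integrity, confidentiality and non-repudiation of the data that office automation systems transmit in a networked environment has become a major research topic in network information security, and PKI, built on public-key cryptography theory and technology, provides a good safeguard for solving this problem. PKI manages public keys by means of certificates and, through the certification authority (CA), solves the problems of key management and identity authentication in the network, implements data encryption/decryption and authentication, and ensures that network security is reliably achieved. Through a study of PKI theory and technology, the thesis innovatively applies PKI to the office automation network, and designs and implements a cryptographic service system with high security, generality and extensibility. The system can issue and manage certificates and generate and manage keys according to the PKCS standards, and provides PKI services to users. The main contributions are as follows: (1) It analyzes the security problems that exist in office automation systems, discusses in detail the relationships between office automation systems and network security and between cryptography and network information security, and proposes an effective solution for office automation information security. (2) It studies and discusses in depth the relevant cryptographic theory and the theory and architecture of PKI, and studies and summarizes CryptoAPI and CDSA. It proposes design principles for an OA system based on a PKI/CA environment and, taking into account the particular characteristics of office automation networks and the operational requirements of real networks, designs a security service architecture based on the PKI/CA mechanism. (3) According to the system requirements, and on the basis of the proposed security service solution and security service architecture, it designs a cryptographic server consisting mainly of a public security interface (PSI), a management and scheduling unit, a real-time monitoring and logging unit, and a cryptographic service unit, and describes in detail the implementation of each module of its core component, the cryptographic service unit. (4) It carries out simulation tests of the cryptographic service unit under laboratory conditions, and the test results meet the theoretical requirements.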
【Abstract】 With the widespread application of computer network technology and communication technology in electronic government affairs and electronic commerce, office automation has provided a scientific basis for the management and decision-making of enterprises and governments. Information security, however, is a constant worry. As a special application domain of the information network, the office automation system carries a large amount of data and information that needs to be protected, and it has its own particularities. If the system's security is broken, so that sensitive information is exposed or lost or the network is attacked, the consequences may be serious. How to guarantee the timeliness, integrity, confidentiality and non-repudiation of the data that office automation systems transmit in a network environment has become the main topic in the current field of network information security. PKI, which is based on public-key cryptography theory and technology, provides a good safeguard for solving this problem. Using certificates to manage public keys, and through the certification authority (CA), PKI technology solves the problems of key management and identity authentication in the network, implements data encryption/decryption and authentication, and guarantees the reliable realization of network security. Through research on PKI theory and technology, the paper innovatively applies PKI technology to the office automation network, and designs and implements a cryptographic service system that has high security, versatility and extensibility. According to the PKCS standard, this system can issue and manage certificates, generate and manage keys, and provide PKI services to users.
The main contributions are as follows: (1) The thesis analyzes the security problems that exist in the office automation system, elaborates in detail the relationships between the office automation system and network security and between cryptography and network information security, and proposes an effective solution for office automation information security. (2) The thesis thoroughly studies and discusses the relevant cryptographic theory and the theory and architecture of PKI, and studies and summarizes CryptoAPI and CDSA. It proposes design principles for an OA system based on the PKI/CA environment and, considering the particularities of the office automation network and the operational demands of the actual network, designs a security service architecture based on the PKI/CA mechanism. (3) According to the system requirements, and based on the proposed security service solution and security service architecture, it designs a cryptographic server including the public interface PSI, a scheduling management unit, a real-time monitoring and log unit, and a cryptographic service unit, and details the implementation of the modules of the server's core, the cryptographic service unit. (4) It carries out simulation tests on the system under laboratory conditions, and the test results satisfy the theoretical requirements.
【Key words】 Office automation; Encryption; Decryption; PKI; Digital signature;