摘要
针对电子招投标系统的安全保密要求,考虑了电子招投标系统的安全体系设计问题。首先通过研究电子招投标的流程,分析了电子招投标系统的安全性,指出了电子招投标系统的文件存储和传输存在机密性、完整性和时效性的问题,进而说明了系统在登录认证、信息传输的机密性、信息传输的完整性和有效的责任机制上的安全性要求。根据电子招投标系统的安全性需求,阐述了基于公钥基础设施、身份认证、加密和数字签名技术的电子招投标系统的安全体系设计方案。应用结果表明了所提出的电子招投标系统的安全体系是有效的。
To meet the demands of safety and security of E-bidding system, the design of security architecture is taken into account for E-bidding system. By exploring the process of E-bidding system, the system security has been analyzed to show that there exist problems of confidentiality, integrity and timeliness in the system when documents are being stored or transported. Then the security and safety demands are detailed in terms of authentication, confidentiality, integrity and effective responsibility mechanism. From these demands, the design of security architecture is given for E-bidding system basing on the technologies of public key infrastructure, authentication, encryption and digital signature. The application results show that our proposed security architecture is effectives.
出处
《科学技术与工程》
2008年第13期3649-3652,共4页
Science Technology and Engineering
关键词
电子招投标
公钥基础设施
身份认证
加密
数字签名
E-bidding
PKI(public key infrastructure)
authentication
encryption
digital signature
