摘要
通过公钥概念和技术实施的提供安全服务的PKI(Public Key Infrastructure)作为Internet安全解决方案得到了越来越多的应用。PKI的主要目的是通过管理密钥和证书,可以为用户建立起一个安全的网络运行环境,使用户可以在多种应用环境下方便地使用加密和数字签名技术,从而保证网上数据的机密性、完整性、有效性。证书撤销技术是制约PKI大规模发展的瓶颈之一,国内外对主流之一的OCSP(Online Certificate Status Protocol)撤销机制的风险研究却尚未开展起来。综合分析了OCSP机制的安全风险和防范措施,填补了在此领域的空白。
Using public key concepts and techniques, PKI (Public Key Infrastructure), implemented for offering security services, as one of Internet security solutions gains more and more applications. The main purpose of PKI technology is to establish a secure network environment for users by key and certificate management, they can conveniently use encryption and digital signature technology in a variety of applications conditions, thus ensure the confidentiality,integrity and effectiveness of online data. Certificate revocation technology is a bottleneck restricting the development of large-scale PKI. Study on risk for one of the mainstream revocation mechanisms OCSP ( Online Certificate Status Protocol) has not yet carried out in both domestic and abroad. In this paper, the analysis of security risks and preventive measures for OCSP will fill the gaps in this area.
出处
《计算机应用与软件》
CSCD
北大核心
2008年第11期1-2,11,共3页
Computer Applications and Software
基金
国家自然科学基金(60373021)
