摘要
在病毒、木马泛滥的情况下,智能卡终端的安全性得不到保障,因此在智能卡私钥文件的生命周期中(如产生、更换、撤销过程)仍然存在安全风险,导致以私钥安全为核心的各类PKI应用出现各种问题。为此,介绍原有智能卡安全体系,对私钥在整个智能卡生命周期中的使用进行研究,并对潜在的风险进行全面分析,提出一种基于生产公钥证书的智能卡私钥保护方案。
As the viruses and trojan horses are in flood, the security of smart card terminals can not always be guaranteed. Some risks may still exist in life cycle of the private key file such as generation, replacement and revocation process, resulting in various types of problems in the Public Key Infrastructure(PKI) applications based on private-key as a core. This paper elaborates the original security system of smart card, then conducts the research to the private key's use process in the entire smart card life cycle, caiTies on comprehensive and the thorough analysis to the latent risk, and proposes a smart card private key protection solution based on the production public key certificate.
出处
《计算机工程》
CAS
CSCD
北大核心
2011年第15期106-109,共4页
Computer Engineering
基金
国家"863"计划基金资助项目(2008AA01Z412)
关键词
智能卡
公钥基础设施
私钥
智能卡操作系统
生命周期
smart card
Public Key Infrastructure(PKI)
private key
Card Operating System(COS)
life cycle
