摘要
利用普遍适用的安全体系原理,针对保密通信网这类对安全保密性能有特殊要求的网络系统,提出一种可以满足安全需求的解决方案。尽管保密通信网在功能和管理方式上有别于标准的Internet网络,但可以综合、合理地运用CA数字证书以及现有的各种加密算法仍可设计出安全性较好的网络安全策略。在此基础上,研究了通信保密网CA原型系统,设计了通信保密网CA系统。由于在保密网内部要实现认证过程相对比较简单,以及在证书生存以及管理方面可以简单考虑,同时证书申请分发、查询、废止的策略可以自行制定,没有标准的数字证书管理所要遵循的标准的复杂,并设计了该原型系统。
Aimed at secrecy transmission which has special requirements for the safety and secrecy,we proposed a solution scheme to fulfill the security requirements taking advantage of universal safety systematic principles.Although secrecy transmission is different from the standard Internet in the aspects of functions and supervisor mode,it can design web safety strategies with good security by utilizing CA digital certificate and the varied existing encryption algorithm comprehensively and reasonably.We studied the prototype system of CA communicate security web and designed communication security CA system.As the authentication procedure within the security web is relatively simple and it can be taken simply on the aspects of certificate survival and govern, the strategies for the certificate applying for distribution,query,abolishment can be made by inner parts without any complex standards to which standard digital certificate has to comply.
出处
《中国西部科技》
2011年第26期36-37,64,共3页
Science and Technology of West China
关键词
证书机构
数字证书
RSA
保密
通信
Certification authority
Digital certificate
RSA
Confidentiality
Communication
