摘要
PKCS#11是目前应用广泛的基于硬件加密设备的接口标准。文中简要介绍了PKCS#11通用模型,详细分析了密码组件接口层次模型,设计了该层次模型中具有树形结构的层次链接关系,使用配置文件和动态链接实现了该链接关系,最后针对动态库有可能被替换和反汇编等的安全性问题提出了解决方案。实验结果表明,在同时使用多种类型密码设备时,按照该层次模型开发的软件降低了层次间的耦合度,增强了系统的扩展性。
PKCS#11 is a widely-applied crypto device standard. A general model of PKCS#11 is introduced briefly, and the cryptographic token Interface-level model in PKCS#1 1 is analyzed in detail. Then the link relation with arborous radar in the interface-level model is designed, and this link relation is realized with configuration file and dynamic link. Finally, a solution to security problem that the dynamic library is probably replaced and disassembled is proposed, Experimental results indicate that the software based on this interface-level model could reduce the coupling degree and strengthen expansibility of the system.
出处
《信息安全与通信保密》
2013年第9期87-89,共3页
Information Security and Communications Privacy
