摘要
Web正成为公司和组织内部以及和外界传播信息的主要方式 .信息发布通常在Web服务器端采用XML文档的形式 ,或者通过Web服务器将XML文档主动发送给感兴趣的客户端 .这些文档通常含有程度不同的敏感信息 ,所以必须有一个强大的XML安全平台和机制 .在本文中我们提出了CIT/XML安全平台 ,并详细介绍了CIT数字签名 ,CIT加密模型 ,CIT智能卡加密和SPKI接口安全模型的语义和处理 .提供了对在各种服务器间交换的XML文档以及非XML文档的安全服务 ,如认证。
Today companies and organizations are using the Web as the main informationdissemination means both at internal and external level. Information dissemination often takes theform of XML documents that are made available at Web servers, or that are actively broadcasted byWeb servers to interested clients. These documents often contain information at different degrees ofsensitivity, therefore a strong XML security platform and mechanism is needed. In this paper wedeveloped CIT/XML security platform and take a close look to syntax and processing of CIT/digitalsignature model, CIT/encryption model, CIT/smart card crypto and SPKI interface security models.Security services such as authentication, integrity and confidentiality to XML documents and non-XMLdocuments, which exchanged among various servers, are provided.
基金
TheprojectsupportedbytheNationalNaturalScienceFoundationofChina (5 97895 0 2 )and 863High TechR&Dprogram (863 -5 11-0 3 0 -0 0 6)