摘要
公钥基础设施是目前网络上提供安全保证的主要手段,为网络应用搭建相互信任及数据安全的基础平台。在中国PKI/CA的建设中,存在CA繁多、地域性和行业性明显等特点。为了减少重复建设的费用以及因为证书标准不同造成的使用障碍,需要设计一套能灵活配置的CA。文中通过基于参数策略库的通用接口框架,实现了CA系统运算算法、证书编码和存储介质的可扩展性。
PKI/CA is still the main method of web security and builds up a basic platform of mutual trust and secure data for web application. In domestic PKI/CA building,there exist some obvious characteristics like CA variety,regionalism and industrialization. To reduce the expense of repeated building and the inconvenience resulted from different certificate standard,it is necessary to design a set of flexible CA. This paper describes how to realize the expansibility of CA system algorithm,certificate coding and storage medium through the universal interface based on parameter policies.
出处
《信息安全与通信保密》
2014年第9期79-82,86,共5页
Information Security and Communications Privacy
