The security problem of the Web system in the Internet based Intranet and the shortcomings of the methods used in solving this problem are analyzed and our system model of Web communication security are discussed, i...The security problem of the Web system in the Internet based Intranet and the shortcomings of the methods used in solving this problem are analyzed and our system model of Web communication security are discussed, i.e, adding local proxy to browser and reverse proxy to Web server based on present Web browser and server. The transformation between HTTP message and secure HTTP message is implemented in these two proxy modules. The architecture and implementing method is given and the features of this module is also discussed.展开更多
Distributed certification via threshold cryptography is much more secu re than other ways to protect certification authority (CA) 's private key,and c an tolerate some intrusions. As the original system such as IT...Distributed certification via threshold cryptography is much more secu re than other ways to protect certification authority (CA) 's private key,and c an tolerate some intrusions. As the original system such as ITTC,etc.,is unsaf e ,inefficient and impracitcal in actual network environment,this paper brings u p a new distributed certification scheme,which although it generates key shares concentratively,it updates key shares distributedly,and so,avoids single-po in t failure like ITTC. It not only enhances robustness with Feldman verification and SSL protocol,but can also change the threshold (t,k) flexibly and robu stly,and so,is much more practical. In this work,the authors implement the prototype sy stem of the new scheme and test and analyze its performance.展开更多
文摘The security problem of the Web system in the Internet based Intranet and the shortcomings of the methods used in solving this problem are analyzed and our system model of Web communication security are discussed, i.e, adding local proxy to browser and reverse proxy to Web server based on present Web browser and server. The transformation between HTTP message and secure HTTP message is implemented in these two proxy modules. The architecture and implementing method is given and the features of this module is also discussed.
文摘Distributed certification via threshold cryptography is much more secu re than other ways to protect certification authority (CA) 's private key,and c an tolerate some intrusions. As the original system such as ITTC,etc.,is unsaf e ,inefficient and impracitcal in actual network environment,this paper brings u p a new distributed certification scheme,which although it generates key shares concentratively,it updates key shares distributedly,and so,avoids single-po in t failure like ITTC. It not only enhances robustness with Feldman verification and SSL protocol,but can also change the threshold (t,k) flexibly and robu stly,and so,is much more practical. In this work,the authors implement the prototype sy stem of the new scheme and test and analyze its performance.