引用本文: | 刘世栋,杨林,侯滨,等.基于CA的电子印章系统设计与实现.[J].国防科技大学学报,2003,25(1):26-30.[点击复制] |
LIU Shidong,YANG Lin,HOU Bin,et al.Design and Realization of the Secure CA-based Electronic Seal System[J].Journal of National University of Defense Technology,2003,25(1):26-30[点击复制] |
|
|
|
本文已被:浏览 6812次 下载 5498次 |
基于CA的电子印章系统设计与实现 |
刘世栋1, 杨林2, 侯滨2, 王建新2 |
(1.解放军理工大学 通信工程学院,江苏 南京 210016;2.总参第61研究所,北京 100039)
|
摘要: |
针对分布式层次化网络安全应用,提出了一种分布式简化严格层次结构的PKI信任体系模型,为网络应用提供有效的认证、访问控制、授权、机密性、完整性、非否认服务。在该信任体系模型基础上,提出并建立了由CA签发的发章证书概念,来保证CA所辖域中印章文件的安全。系统通过CA签发的电子印章来对网络中电子公文和印章文件进行数字签名、验证,并由加密证书保护电子公文加密密钥,通过授权服务器管理用户打印印章权限。 |
关键词: 网络安全 域 签发中心 注册中心 电子印章 |
DOI: |
投稿日期:2002-06-27 |
基金项目:国家部委资助项目(413150703) |
|
Design and Realization of the Secure CA-based Electronic Seal System |
LIU Shidong1, YANG Lin2, HOU Bin2, WANG Jianxin2 |
(1.College of Communication Technology, PLA, Nanjing 210016,China;2.The Sixty-first Academy, General Staff, Beijing 100039,China)
|
Abstract: |
To solve the distributed hierarchical network security problems, a distributed simple strictly hierarchical (DSSH) PKI trust model is presented. This model provides effective network security services such as authentication, access control, integrity, confidentiality, non-repudiation and so on. On the basis of the trust model, the concept of the issue-seal certification is presented and established to ensure the security of the seal file in the CA domain. The system implements the digital signature and verification of the electronic documents by the electronic seal. The key, which encrypts and decrypts the electronic documents, is protected by the encryption certification. Finally, the system implements the management of printing seal files abilities through the authority server. |
Keywords: network security domain Certificate Authority (CA) Register Authority (RA) electronic seal |
|
|
|
|
|