Information security's significance is more and more prominent in the software system of bank, telecom and government, it requires very high security. Because information security increasingly affect economy deeply. research to its key technolgies, especially its basic theory and application is of importance and pressure. This thesis focus on its two basic theory, one is cryptography , it is a foundation of modern information security; the other is security protocol, its aim is ensure authentication security integrity and non-repudiation of network communication protocol , and it is very important to software system. What's more, this thesis use formal method to analyze and verify security protocol , formal method is regraded as a strict and valid method. Then we will present a security architecture model of e-bank application system based on J2EE, it provides guarantee to software system of bank, telecom and government. According to these research aims, this paper mainly conduct following works: (1)Research basic theory and key technologies of cryptography and information security(2)According to the difficulty of security protocol analysis and design, we discuss formal methods of security protocol at present(3)Using BAN logic analyze NSSK protocol, according to a deficiency of NSSK protocol we pose a improving method , and optimize it(4)Using Kailar logic analyze CMP protocol and point to its characteristic and limitation(5) Research core Java security module and its class libraries(6)According to the judgment that "if no overall security design and deploy there is no computer information security", we pose a security architecture model founding on four layers e-bank application system...
|