| PKI(Public Key Infrastructure) is thought a complete solution for network security at present. It can provide many network applications with all kinds of security service, such as authentication, confidentiality, information integrity and non-repudiation of transaction. PKI has been widely applied in fields which require high security, like banking, electronic government, etc.But, in many countries, digital signature is not accepted by law. This fact holds back popularization of PKI in e-commerce and business, and also become the main factor that slow down the development of e-commerce. It is believed that application of PKI in e-commerce and inside enterprise will develop rapidly after promulgation of Statue of Electronic Signature in China.At present, it is difficult to set up CA(Certificate Authority) inside enterprises because of the following reasons: Firstly, few PKI products are designed for Enterpirse application. Secondly, most enterprises do not have professional employees who are skilled at operating and maintaining PKI system. Thirdly, most enterprises can not afford high cost which public CA paid for securing their CA server.This article analyzed the necessity and possibility of setting up CA in bussiness organization. Then designed an open source PKI system: myCA, accomplished its softeware framework, realized its main functions, trying to prepare a solution for enterprise PKI application based on open source. This article describes the designing, architecture and application of the system inside enterprises, discusses how to build a secure environment for CA under enterprise condition.
|
PDF Full Text Request