| With the development of Internet and occurrences of many kines of network applications, security of network becomes more and more important.Public Key Infrastructure(PKI) is the key and the foundation for the instruction fo network secrutiy, it ensures the security of implementation of e-Government and e-Business. However, the deployment of PKI is not easy, and the interoperation between different PKI system is not convenient. These drawbacks limit the PKI from wide usage.For the purpose of resolving the problems, a new kind of standard which was called XML Key Management Specification was issured. It inserts an abstract tier into the two tier of traditional PKI, and the process of keys and certificates is delegated to the middle-tier, XKMS turst service.The thesis first introduces the basis of XKMS, the PKI, and analysis the drawbacks. Then the XKMS Specification was researched and analysed in detail on the base of the analysis of XML technology.According to the above, the thesis implement an XKMS trust service system conformed to XKMS2.0, which is easy to use, easy to maintain, easy to extend. And the performance of this system is analysed. The thesis describes the detail of the construction and management of keys/certificates and XKMS messages, the way of interaction between turst service and PKI provider. At last, the security consideration in XKMS Specification is discussed.
|
PDF Full Text Request