The Research On Certificate Path Process Based On Server In Distributed Environment

Relying Party can efficiently validate certificate is the base that Public Key Infrastructure can widely be used in secure communication. In distributed environment we need efficiently and secure constructue certificate path to obtain object certificate.We present the thory of certification path process and analyse some typical certification path process mechanism . We present these mechanism's drawbacks.We draw a conclusion that using server can efficiently simply client's run and maintenance and implementing certification path construction and validation in client can improve the PKI's ability to resist Defuse Of Server and spoofing attack.Dynamic Path Determination is based on cross-certification to achieve inter-domain interoperatibility. The drawback is that the number of cross-certification will squarely increase with the increase.of domain's number and it is bad for management and maintenance. We put forward Dynamic Path Determination based on Certification Chooser Server. The new method achieve inter-domain interoperatibility with Bridge Certification Authority. So the number of cross-certification will lineably increase with the increase.of domain's number. And we use cerficate chooser server to access depository with HTTP,LDAP and FTP etc. So client need not to access despository when we process certificate path. And we simplify client in this way. At the same time we present an algorithm about path construct in BCA environment. Then we analyse the new method and contrast new one with old one. And we analyse the new method's capability through a simulated experiment.We present and analyse BBK subject trust model.BBK present a method for the valuation of trustworthiness,but the combination of recommendation trust of it can not effectively resist the effect of malicious recommendation.In this article in term of the assumption that the quantity of benign recommendation paths is much bigger than malicious ones and the value of benign recommendation is much bigger than malicious ones,it classifies the recommendation values in term of similar degree parameter S_degree and choose the bigger group to combine,so it can exclude malicious recommendation which is smaller and can effectively resist the effect of malicious recommendation.Certification path construction optimization is a method that use certificates' message to choose the most possible certificate path which can be validated. And now the problem is that all methods can not distinguish between the most possible and the more possible. For the purpose of solve this problem we introduce improved BBK subject trust model into certification path construction optimization.