| The E-government is government affairs activity that carries on through the electronic information technology by the government bodies and organization at all levels of one country, its essence is through information technology changing government traditional centralized management, assigning layers of structure operational mode, in order to meet the needs of digitized society. The regional government of our country is developing E-government in a more cost-effective manner at present, nowadays launching Government Online Project. The online government should embody the authoritativeness too, issuing the online government decree, the circulating of the official documents both need the high and safe e-mail system to guarantee authority. But the e-mail system of the present mass use has natural security defects , so designing and realizing a safe e-mail system so as to ensure sensitive datum transferring becomes highly need urgently.On the basis of the analyse to mail protocols SMTP and POP3 deeply, combining the present latest technology of field of safety of information, a new-type safe mail system which combining software with hardware is putted forward in the thesis. Contrasting with the general safe mail system, the system is based on the ordinary mail agreement. Through public key infrastructure which offers confidentiality for opening application under the environment of the network, integrality , identity authentication and visit safe, the system has realized the confidentiality , integrality and undeniable transmitted based on SMTP and POP3 agreement.After providing the overall design of the safe mail, the thesis has discussed the design and realizing of certificate authority especially. Combining the specific background that PKI frame uses , a novel method which makes use of safe mail oneself to transmit the state of the certificates is put forward, it encapsulates the state of the certificates in the ordinary safe mail content. Analysis and test indicate that this method have both the advantages of the certificate revoking list and OCSP while avoiding the disadvantages. The certificate authority is characterized by a twinkling of an eye, it is only online when needing to distribute state of the certificates, other operation are operated off-line, thus realizes the distribution of the state of the certificates closing to real-time efficiency, and has reduced the potential safety hazard of online CA greatly.Mechanism involving key creating and managing is realized absolutely through hardware: PCI and UKey. As to CA main key, it makes use of PCI card to produce and back up ; With user key , all user key is managed by UKey. This eliminates...
|
PDF Full Text Request