The Research On SSL Technology And Design Of Security Proxy

For electronic commerce,security is the most important problem. So people have produced some solutions.Among these solutions,SSL protocol(secure socket layer)beomes the supreme available because of it's simpleness and credibility. At present,some overseas companies have provided secure production abased on SSL.However,due to relevant export policy restrain,these commonly only support low-intensity algorithm.It is not good enough for SSL to adapt our practical needs.So research on commerce security is necessary and exigent.According to practice ,the thesis discusses SSL protocol and relevant technology.Firstly, the thesis analyses structure and practice statement of SSL.Handshake and record protocol process is our keystone.From following aspects,Cipher intensity and administration,digital signature and client rights,the thesis analyse security of SSL.At the same time,the system disadvantages are found.The concrete secure disadvantage lie in the following aspects.The first aspect is that symmetry and non-symmetry cipher is so short that SSL has no enough intensity.The second aspect is that no perfect cipher management process,algorithm-building method is not scientific,algorithm is easy to be attacked by others.The third aspect is that it has no certificate management function.No-symmetry authentication may cause some secure problem.The fourth aspect is that it has no digital signature,so the system can not authenticate the true and the false among electronic commerce.Further.for clients,it does not define client's rights limition.all these does not accord with concrete situation in life.Of course.the thesis offers some corresponding solution.Meanwhile the thesis provides many choice for improving efficiency.But these solutions are difficult to be put into practice because the SSL protocol is production of Netscape Company.Individual have no rights to improve the protocol.Not to mention,SSL protocol has been fixed in operating system.So,what we can do is that we try to make measure to compensate its disadvantage.By common practice.the practical solution that people daily use is Secure Proxy.The thesis offers one kind of high-intensity modularized design of secure proxy.The thesis particularly illustrates the proxy structure and its module.At last,it'spartial process is simulated.