| With the development of Internet and the rise of Electronic Commerce, the communication between the undependable entities is frequently needed. So the security problem becomes more obvious. In order to ensure the Electronic Transaction, a trusted and secure environment of communication network is needed. The problem to be solved first in the course of Electronic Commerce is to build a secure framework. An integrated Electronic Commerce system consists of three parts including Merchant System, Payment System and Certification Authority (CA). Above them all, the CA is the most important part. By issuing the digital certification, CA can authenticate the identification of transactors, as well as ensure the security and integrality of information and the negation of transactions by encrypting the datas to be transmitted. Public Key Infrastructure (PKI) is a kind of safe system that is more reliable in guaranteeing the safety of network information at present. The user's Public Key and the identities can be binded together by issuing the Digital Certification with the third dependable institution----Certification Authority (CA). Thus, the PKI ensure the confidentiality and integrality of information and the negation of transactors.In the eye of security this thesis analyzes the constitution of the certification system, and does profound research on the encryption technology and its algorithm. Through researching into the technology of authentication and protocol, the paper presents a design model on the basis of Web certificate management system for the framework of Certification Authority of PKI. The medium and small sized corporations and the internal LAN are agreeable to set up their own applicable and economical Certification Authority by using the CA model. They can issue and manage the Digital Certificate for their users and achieve the client management in a high level. The structure of Client/Server is presented in this system. The Server is made up of CA server, RA server and LDAP server, and realizes the function of certificate applying, issuing, querying, repealing and validating. The genaral structure of CA, with its system functions and the realization solution of the system software by using the Java and OpenSSL are detailed discussed in the thesis.With the adoption of public Encryption, the problem of how to manage the keys is a question presenting to us. The traditional management way of the key is innovated in the model. Setting out from the angle of predigesting application while not losing the... |
PDF Full Text Request