| PKI is an excellent technology in resolving the security problem of open networkenvironment. It developed quickly and received great attention in last decade. Butbecause it covers numerous fields, such as cryptography, network etc, and its structureis complex, PKI is hard to implement and use which restricts its further development.Web Services is a new distributed computing model. By using powerful neutralbase technologies such as XML, SOAP etc, Web Services has made heterogeneity notan obstacle for distributed applications and may become the trend of distributed com-puting. But there are still many problems that prevent its wider adoption. Among therest, security is a key problem.This thesis introduces Web Services technology into PKI, studies how to realizePKI's services in the form of Web Services. Based on the Internet X.509 PKI definedby the IETF PKIX working group, we did the following concrete works, which are alsothe main contributions of this dissertation.? A general-purpose certificate/CRL store access Web Service, which supportskeyword-based queries, is defined and implemented.? OCSP is analyzed in detail. The protocol messages are described anew in usingXML Schema. Based on the new format, the OCSP responder Web Service isdefined and implemented.? Basedonotherswork,PKIX'sTSPprotocolisanalyzedinmoredetailed. Similarto OCSP, the protocol messages are described anew in using XML Schema andthe Time-Stamp Service is defined and implemented.? The architecture of Web Services security is studied brie?y. The relationshipbetween Web Services security and PKI, especially our defined services, is dis-... |
PDF Full Text Request