| Efficient operarion of information system must be based on information security, The security of information has already become the key of construction of information system. Information security is in demand increasingly. To apply theory of cryptology to solve information security effectively,a system have been designed to bind public key and entity info,that is PKI(Public Key Infrastructure).Public Key Infrastructure, a widely-used security technique, is made up of Certificate Authorities(CAs)which issue certificates to securely bind each entity to its public key, so it can develop and deploy authentication, integrity, confidentiality and non-repudiation services for internet application.In recent years,national CAs construction was focused on Trade CAs, Regional CAs and Business CAs, while the Enterprise CAs lack of attention. However, along with the gradually increase depends of the enterprise on the technology of Internet, there will be more and more requirements for this kind of CAs. This thesis is based upon enterprise lightweight certificate authority.The central task of this thesis is designing ang developing a enterprise lightweight certificate authority to award and manage digital certificates.ELCA software system realized on JAVA platform, obeying interrelated PKI criterion,basing on opening Bouncy Castle encryption package, applying SSL,LDAP,OCSP,EJB tachniques. ELCA adopts Role-Based access control and authentication technology of the challenge responding type based on the certificate,which radically guarantee its own security and independency.By providing services,such as producing key,key recovery,creating certificate,certificate issue,certificate revocation,publishing certificate and certificate revocation list,ELCA is a basically perfect CA.ELCA is composed of CA module,RA module,LOG module and SYSTEM module,which make it sharp in system,rational in structure.ELCA system Written exclusively in Java, ELCA can be run on any platform where a J2EE server is used. |
PDF Full Text Request