| Key is the heart and core of all cryptologic systems, acts as the fundament in a cryptologic system. A good key management mechanism will effectively reduce the difficulties in the management of the whole cryptologic system, effectively improve the security level and manageability of the system and bring down the entire cost of information security. But the invention and fast development of computer networks is bringing great difficulties and challenges to key management, the background and platform of key management suddenly enters into a brand-new network environment which includes millions of communicating entities of different types. Among many solutions of key management, because of many good features and advantages it involves, Public Key Infrastructure (PKI) which is based on the Trusted Third Party (TTP) principle and public key cryptology effectively solves many kinds of information security problems. PKI is now the most important and most widely applied solution of key management under current network environment and also a hot spot in the research area of key management.In the exordium, we firstly introduce the background of the researching work, the difficulties of key management under the environment of computer networks, generally analyzing existing problems. And then we present a brief history of the development of PKI and its researching actuality inside and outside of the country in the end. In chapter two, we introduce some elementary and essential knowledge of cryptology and information security. In chapter three, we describe in detail the designing idea of PKI, basic construction and its operational principles, and then expatiate on what kinds of security services it provides and what security problems are solved by it. In the last implementation sector, we elaborate several international standards and protocols relating to the digital certificate, and then on the base of the former discussion and analysis, we implement an elementary function module of key management according with the X.500 and X.509 standards applying the cross-platform computer programming language, Java.In the dissertation, through detailed discussion and integrated analysis based on the documents thoroughly collected we present the entire system structure of a typical PKI platform, elaborate what security problems are solved by it, what kinds of security requirements are met with it concerning kernel aspects of key management under the public key environment. In the implementation part, we go in great detail on the complete procedure from the initial designing phase to the final implementation phase of an elementary certificate function module using the cross-platform computer programming language, Java, effectively solving the data structure representation of X.500 distinguished name and X. 509 standard certificate, finally forming a primary but meaningful exploration on the creation of standardized, cross-platform and transplantable certificate function module. |
PDF Full Text Request