| To ensure the information security in the time of Internet, An infrastructure based on the standard of Public Key Infrastructure has been brought forward overseas and adopted generally. In the PKI, the vital entity is digital certificate, which certifies the identity on Internet. The owner of digital certificate can produce his certificate to other people, web sites and network resources. The certificates help validating his legal identity, establishing the encrypted and credible communication with others. The certificates contribute to the public keys distribution. Every certificate is embedded with its owner's public key. All certificates of entities are issued by an authoritative organization-CA (Certificate Authority).This paper aims at further research on the theory of PKI systems and its related applications at the aspect of protecting information on Internet. It establishes an integrated CAsystem, which is characteristic of dual-certificate and key-manage- ment-separated. This paper gives the implementation of the management of digital certificates, which is the core of CAsystem, such as signing, issuing and revoking certificates. The CA manufactures digital certificates with necessary information, by cryptography of asymmetric key algorithms and symmetric key algorithms. It implements an infrastructure for issuing digital certificate to protect information, based on windows operating system, developed by advanced programme tool, which guarantees the confidentiality, authentication, integrity, non-repudiation of informa- tion. |
PDF Full Text Request