| With rapid development of global computer network user and the amount of information, all kinds of network applications are increasing. People's social life and economic life are more and more dependent on computer network. So, the security issue becomes a key problem of information industry. The security authentication platform based on PKI (Public Key Infrastructure) is the prerequisite to make it possible that network application expands to field of commerce and trade. It provides security of Peer-to-Peer, is mainly used to provide some security as authentication, data integrity, data confidentiality, and non–repudiation. The range of PKI application is very wide, including communication between Web Server and Web browser, E-mail, EDI (Electronic Data Interchange), credit trade online and VPN (Virtual Private Network) etc.The basic model of network security consists of the trusted third party, communication channel, and communication entity. Network attacking often occurs at the part of communication channel. PKI systems take CA (Certificate Authority) as the trusted third party, digital certificate based on public key encryption as communication entity's passport, to authenticate users and encrypt data in order to ensure the security of network.After researching and analyzing varieties of implementation of PKI system, a centralized PKI system is proposed in terms of requirements of capability, Usability, flexibility etc. The centralized PKI system uses Client/Server structure, take MySQL database server as certificate repository, runs on Windows and Linux or other UNIX-like operating systems. C++ is the programming language used to develop the system. OpenSSL is used to handle all tasks related to Certificate and cryptography workflow. The Server is the core and base of PKI system. It functionality mainly includes the entire workflow related to requesting, creating and delivering X.509 Digital Certificates and CRL. |
PDF Full Text Request