Enterprise Network Security Platform Based On PKI

With the rapid development of information and network technology, network security is more and more important. So, How to insure Security Access and Management to Enterprise Network Resource has become a main task in domain of Network Security.We do research on the key problems in enterprise network security programs, and design an Enterprise Network Security Platform Based on PKI, which Provide secure access and secure management to enterprise network .In the period of study, we focus on three key problems:First, we analyze X.509 Authentication Protocol which can solve the problem of Identity Authentication, and find the bugs of its application. We add USBkey and Information-Binding to the protocol, USBkey ensure Private Key safety, Information-Binding make sure the Uniqueness of users. So, it improves the Practical value and Security of X.509 Authentication Protocol.Second, to solve the problems of Authority management and modification, we propose a compound digital certificate module, which integrates the advantage of PKI and RBAC in order to achieve uniform identity and authority certification.Third, to solve the Security issues of management in enterprise network, we design a security management module based on USBKey .It improves Centralized management model, and adds Identity Authentication, Authority management and security communication. The information transmitting between users and manager server is encrypted to ensure the security of data. Manager server and agents communicate with each other by the use of protocol we design, client submit the command to server, server converts the command and transmit it to agents, agent execute the background programs and return the results.In the implement of system, we apply Improved X.509 Authentication Protocol and Improved Compound Certificate Model to realize Security Access Sub-System, and use Security Management Model to realize Security Management Sub-System.