| PKI (Public Key Infrastructure) is thought a complete solution for network security at present .It can provide many network applications with all kinds of security service, such as authentication, confidentiality, information integrity and non-repudiation of transaction. The kernel component of PKI is Certification Authority (CA), CA is one of the hotspots for current security researches on network, and its implementation is of signification practical value and social value. This selected topic goal satisfies the market demand, has designed in an enterprise network digital certificate system.This article consults massive domestic and foreign reference foundation, combines the special details of the enterprise information construction, the enterprise information security demand , discusses the design and realization the enterprise information network digital certificate authentication system, establishes the authentication center of the enterprise network ,provides the technical safe support for the automated work system of the design proposal which based on the digital certificate technology. This article has thorough discussed the PKI technology principle and the encryption technology, introduced the usually used authentication method, the digital signature technology, the CA authentication system as well as SSL, S/MIME security agreement, provided the theoretically support for establishing the enterprise digital certificate system.The enterprise digital certificate system design and realization are the key point of this article. The digital certificate system design introduced system characteristic, overall research, overall work flow, the system is divided into five modules which are certificate server, certificate registration server, information issue server, user status authentication server and application server. The certificate server, the certificate registration server and the information issued server are composed of CA authentication center is the enterprise network security infrastructure. The user end design has focused on the work flow of the certificate application, the certificate issues and the certificate abolishes.The digital certificate system realization has introduced the realization concretely of system user end certificate application, issues, cancellation , included the certificate function realization technology of Microsoft's Certificate Enrollment Control (CEC) the technology, the digital certificate system contact surface and the examination and approval flow chart and the source code of essential step.This article has also searched the digital certificate application, including in email safe transmission, enterprise archives safe transmission aspect. In the conclusion, has introduced the paper main work, explained the characteristic and significance of the paper, simultaneously has pointed out insufficiency of the system design, has made the preparation for the topic next step of research. |
PDF Full Text Request