| The No.7 signaling network management system is the one which perform distributed management for No.7 signaling network, which need a very high-level authentication. At the same time, it' s access control is differ from general network management system's because of it's special feature, which need more security and flexible access control.PKI technology is based on the modern cryptology, which authenticate user through issue digital certificate for them. Currently It's one of the mainstream security technology. The PMI, as extension of PKI, offered good security and flexible through authorization with attribute certificate.In this thesis, I build authentication/authorization with PKI/PMI, through analysis of PKI/PMI and system's security requirement, giving authorization model design suitable for system's security requirement, and design authentication/authorization module, with implement in true environment.The main works as fellows:Expounded architecture of system and its characteristic, analyzing authentication and authorization requirement and proper management request.Compared identity authentication type currently, expounded authentication and trust relationship in system, analyzing proper PKI authentication trust model for system.Analyzing the main access control mechanism currently, performing authorization with PMI-based attribute certificate. With analyzing of PMI common model, present an improved model suited for system.Designing PKI/PMI deployment architecture in system, expounding the whole architecture of system's authentication and authorization, expounding design of authentication/authorization module in application.Primary implement of authentication/authorization module in application, completed authentication/authorization for user through interaction with authentication and authorization module and PKI/PMI. |
PDF Full Text Request