| As a universal security infrastructure, PKI can protect the security of network and resolve information security problems in network communications.PKI provides authentication and authorization of user identity, message integrity, and confidentiality and non-repudiation assurance. Features above are based on overcoming trust management problems among various entities in PKI field. However, PKI is just a transitive trust mechanism, which does not directly generate trust. It sets the Certificate Authorities management as the core and uses certificates authorization and authentication to establish a chain of trust between users.Therefore, a specific trust model to achieve PKI trust mechanism is required. The distributed network is open, collaborative and dynamic, in which each node has a high degree of autonomy. So it is difficult to carry out centralized management of trust. At the same time, most of existing distributed trust models are under the research stage. They have not yet formed complete and effective solutions and there are some problems about authenticity and security. With regard to above problems, this paper carries out the following research work.1)I study relevant theories of PKI technology and analyze the weakness of existing trust models in the distributed network.2) First of all, I design overall framework of distributed user-centric PKI. According to the needs of the framework and reference to the format of X.509 certificates, I design a set of concise and effective certificate formats and the corresponding data structure.3)I establish distributed user-centric trust model for PKI. The model combines SNS,"Six Degrees Separations" theory and Bayes statistical analysis.Based on the above study, I get the trust degree definition, calculation methods, dynamic update and restrictions on malicious node attacks.4) This PKI framework is applied to the mobile secure SMS.In practice the PKI framework is proved feasible. |
PDF Full Text Request