Today, with the rapid development of Internet technologies, efficient and convenient network environment has brought enormous changes to people's life and production condition. Popularity of network has lead to many new opportunities, but also increased competition. In order to reduce production costs and shorten production cycle, enterprises prefer network production and online office. While the network is an open environment, enterprises' digital data, especially secret files inevitably encounter risk. The information is likely to be intentionally or unintentionally leak through the network to third-party hands, which brings about a great threat to enterprises.In this paper, a digital-file-protection system based on PKI/PMI is designed for enterprise security needs of electronic documents, which uses integrated certificates as the key technology and an identical encryption method as main way.Based on the theoretical study and analysis, integrated certificate is made by OpenCA and OpenSSL, user management and record audit by database. An file-encrypting algorithm is implemented with random number sequence. |