The Set-based Certification System And Its Security

With the rapid development of Internet, Electronic Commerce (EC) has been being one of the most attractive research topics. The EC system mainly includes three parts, namely, Merchant System, Payment System and CA System. CA is the core and foundation of the security of EC. By issuing digital certificates that can authenticate the transactors' identities and encrypting the data to be transmitted, CA can ensure the security and integrality of information and the undeniablity of electronic transactions.To develop EC efficiently, the security problems of the on-line transactions must be resolved. SET and SSL are two protocols that are currently used most commonly among the EC security protocols. Compared with SSL, SET is much securer, and, therefore, is acknowledged to be the standard of Internet security. Its transaction form is regarded as the criterion of future EC.Focusing on security, this thesis does deeply research on the design of CA system based on SET protocol, and presents an advanced solution scheme that can be used in practice.Chapters 1 and 2 introduce the core technologies of CA security, and analyze the functional model of CA system. In Chapter 3, the related theories of SET protocol are introduced, and the fundamentals and steps of some encryption algorithms adopted by SET are described in detail. Chapter 4 designs a high-security network architect of CA, presents a scheme to build Key Management System based on X.509 certification using LDA?and describes how to implement it. This thesis analyzes particularly the realization of CA's functions and develops a perfect client-side application. It also does research on the generation, storage and operation of the key of RSA, and completes software based on the structure of Linked List. In addition, this thesis presents a reasonable improvement on SET protocol, resolving the conservation and destruction of the electronic transaction data, and ensures the undeniablity of electronic transactions by providing Time-stamp service. In Chapter 5; the other requirements and measures of CA security are analyzed and summarized.