Information security is showing its more and more importance timely, in particular universal usage of web services, some technology such as identifying authentication, access privilege, security of data in communications, have been pushed on the top of current security research.in modern cryptology, Public-Key Infrastructures (PKI) and its X.509 can perfectly achieve purpose of identifying authentication. Privilege Management Infrastructure (PMI) and its Attribute Certificate extends the authorization to user access privilege, based on the attribute access control, group and role, restriction and semantics, etc.Secure Socket Layer (SSL) or Transport Layer Security (TLS) are two most widely used protocols for implementing cryptography on the Web. SSL supporting X.509 certificate provides a secure enhancement to the standard TCP/IP sockets protocol used in Internet communications.. This paper surveys current PKI and PMI proposals and relevant issues, and implemented the reuse authentication components based on PKI and PMI. data in communication are protected by SSL/TLS. |