A Protection System Of Electronic Document Security Based On TCM And CPK

With the improvement in the level of the global information and the rapid development of internet, the paperless office completely changed the various inconveniences in the manual operation of the paper documents in the past. How to ensure that information security is a hot issue of e-government now. To build a trusted electronic document protection system in the e-government is one of the key to the security of e-government. Electronic document protection system is a platform to provide security to the e-government. It must ensure the confidentiality of information, information integrity, authenticity, and to prevent non-repudiation.Electronic signature technology can verify whether the changes happened in the electronic document during transmission to ensure the integrity, authenticity and non-repudiation of electronic document. Electronic signature technology is the key to the safe operation in e-government. But electronic signature in a common PC environment may be tampered by the malicious programs, so it cannot guarantee the authenticity of the signatures of electronic documents.In order to solve the security issues of electronic signatures in electronic documents, in this paper, a protection system of electronic document was constructed based on trusted cryptography module (TCM) and combined with the combination of public key (CPK). A scheme of signing and verifying under trusted computing environment is designed. Trusted PC can be an effective solution to the safety of an ordinary PC and CPK can realize the identity-based authentication.This paper presents the design and implementation of electronic document protection system based on TCM and CPK. The details of functional modules, the command interface design and development process are given. The TCM functions it achieved include public and private key generation, key loading, signing and verifying, and etc. As an example, the realization process of the scheme is elaborated for the OFFICE WORD. Ultimately the signing and verifying of electronic signatures based on TCM and CPK is achieved.