| Certificate authentication system has been implemented basic services in various industries, and in the field of e-government and business can be widely used. Currently authorization management in society, single sign-on, integrated applications with a unified user management system certificate authentication has become a hot field in this industry, the focus.In this thesis, the design of the certificate authentication system, using a top-down approach will be described, starting with the logical structure of the system point of view, the overall design of the system architecture, and then analyzes the various algorithms, including symmetric algorithms, asymmetric algorithm, certificate issuance server, etc. the certification system can generate and manage certificates queries, keys, process safety audits, management certificates, network monitoring, etc. Finally, the discussion and design of the certificate template mechanism.To achieve certificate authentication system point of view, this thesis describes the method used is contradictory law. First, from the certificate application process with the overall business process two aspects of business processes are introduced; later elaborated to achieve business focus lies mainly contains the certificate request packets to achieve class, certificate management class packets to achieve, CA service packets elemental analysis and certificate authentication system messages, the last line of the description of the certificate achieve authentication system messages, unified interface and certificate template mechanism. Compared with the original certificate authentication system innovation of this system covers the following aspects:(1) has a leading technology architecture supports hierarchical structure.(2) to build a sound mode dual certificate, while compatible with a single certificate model.(3) in the hierarchy can intelligently cut, with the current demand for the practical application of the system determines the various aspects of the various subsystems of the organic composition, adapted to be able to build a more intelligent application certificate in this way authentication system.(4) be able to apply for a certificate template mechanism support, and can be better suited for the certificate application.(5) the development of the application system can be re-adapt in order to internal and external changes in the environment.Finally, it carried on the preliminary verification for the system function on the basis of system design and implementation, conducted the detailed testing and validation on the function of digital certificate authentication system’s main components including initialization, digital certificate sign and issue, digital certificate audit, secret key management. At the same time, the author summarizes the research results in this paper, analyzes the existing problems and conducts prospects on the future research work. |
PDF Full Text Request