| With the development of information technology, information security has gradually get more and more attention, especially in e-commerce and e-finance and development, PKI-based password security has also been rapid development and application. Independent server nodes are generally traditional PKI systems within a single network, in order to improve the performance and stability of the system, the corresponding CA systems generally take the form of hot standby. In daily business areas such architectures and models seem to have enough to meet the needs of users. But for special occasions in the field, as well as in the field of satellite services in the military field, in order to improve the anti-password service ruined stubborn viability, we should be asked to deploy the same PKI infrastructure in different network systems, thus proposed the concept of a distributed digital certificate management. In order to protect the digital certificate issued by continuous availability of business services, distributed digital certificate management system will be deployed in different physical environments, in the case of the destruction of the business service is not the same, depending on the reliability of the service provided by integrated provider of various fault conditions as long as there is a service provider to normal operation, the system can still provide services, and is not affected by the fault section provides, in order to achieve high system survivability. Digital certificate server allows new functionality equivalent business server, shared service pressures, address the issue of service failure leaving the entire certificate system failures. Failure of the digital certificate business server after the repair, you can rejoin the digital certificate business server cluster, continue to provide services. Digital certificate business server uses a highly scalable distributed provider model, may be necessary to expand as required. Usually only one or two can set the digital certificate of foreign business server certificate management capabilities, the need to improve the business of digital certificates high concurrency capabilities, availability or invulnerability when features available in local or remote to quickly create digital certificates and business server added to the system. Distributed digital certificate services management system also supports the evaluation of the quality of service, quality of service can be assessed by aspects of data quality, service capacity, choose a higher quality of service business server based on the assessment results. This article on how to build a digital certificate management system in distributed peer to peer network architecture proposed prototype implementation. |
PDF Full Text Request