长三角电子认证服务体系互联互通平台的研究与设计
发布时间:2018-03-14 13:23
本文选题:长三角 切入点:电子认证 出处:《浙江工业大学》2014年硕士论文 论文类型:学位论文
【摘要】:随着长三角地区电子认证服务的蓬勃发展,目前长三角地区的浙江、江苏、上海均已建立了各自的区域性电子认证服务机构(简称CA机构),经过几年的建设,三地的发证量与电子认证应用都取得了快速的发展。由于三地CA机构在建设之初没有实现系统的互联互通,导致目前三地电子认证不能实现跨区域、跨行业的应用。随着三地经济联系的日益密切,电子认证应用范围不断扩大,应用需求不断显现,应用水平不断深化,实现电子认证跨区域、跨行业的应用需求日益迫切,因此长三角地区电子认证服务体系互联互通问题亟待解决。 本文依据长三角一体化的迫切需求,研究参考了相关国际国内标准与规范,在现有的浙江CA、江苏CA、上海CA的基础上,采用交叉认证的方式实现CA的互认,并设计了长三角电子认证服务应用互通平台,来实现三地跨区域、跨行业的证书应用。本文的主要研究成果如下: 1.针对长三角电子认证现状,结合当前电子认证的需求,对长三角电子认证服务体系互联互通平台的总体方案,进行了分析与研究,并给出了设计方案,经过平台的建设与实施,该技术方案被证明是合理有效的。 2.针对长三角目前各区域CA的实际情况,选择并实现了一种交叉认证模式(网状点对点交叉认证方式),经过实践,证明是符合长三角电子认证现状的交叉方式,实现了三地CA机构的互联互认。 3.参考借鉴X.509V4标准,设计并实现了基于“应用通行证”的应用互通平台,通过“应用通行证”来管理用户的不同应用属性,进而实现三地证书应用的互联互通。 通过对长三角电子认证服务体系互联互通平台的设计、建设与实施,平台取得了一定的社会效益与经济效益,并为长三角经济一体化提供了一个基础的网络安全平台。
[Abstract]:With the rapid development of electronic certification services in the Yangtze River Delta region, Zhejiang, Jiangsu and Shanghai in the Yangtze River Delta region have all established their respective regional electronic certification service institutions (CA institutions for short). After several years of construction, The number of certificates issued in the three places and the application of electronic authentication have developed rapidly. Because the CA institutions in the three places did not realize the interconnection of the systems at the beginning of construction, the electronic authentication in the three places cannot be implemented across regions. Cross-industry application. With the increasingly close economic ties between the three places, the application scope of electronic authentication is constantly expanding, the application needs are constantly emerging, the application level is deepening, and the application needs of electronic authentication across regions and industries are increasingly urgent. Therefore, the problem of interconnection of electronic authentication service system in Yangtze River Delta needs to be solved urgently. According to the urgent need of integration of Yangtze River Delta, this paper studies and refers to the relevant international and domestic standards and norms. On the basis of the existing CA in Zhejiang, Jiangsu and Shanghai, the mutual recognition of CA is realized by cross-certification. And designed the application interworking platform of electronic authentication service in Yangtze River Delta to realize the certificate application of three places across regions and industries. The main research results of this paper are as follows:. 1. In view of the current situation of electronic authentication in Yangtze River Delta, combined with the demand of electronic authentication, the overall scheme of interconnection platform of electronic authentication service system in Yangtze River Delta is analyzed and studied, and the design scheme is given. Through the construction and implementation of the platform, the technical scheme has been proved to be reasonable and effective. 2. According to the actual situation of CA in each region of Yangtze River Delta at present, a cross authentication mode (mesh point to point cross authentication) is selected and realized. The practice shows that it is a cross mode that accords with the status quo of electronic authentication in Yangtze River Delta. The mutual recognition of CA mechanism in three places is realized. 3. Referring to X.509V4 standard, the application interworking platform based on "application pass" is designed and implemented, which manages the different application attributes of users through "application pass", and then realizes the interconnection of certificate applications in the three places. Through the design, construction and implementation of the interconnection platform of the electronic authentication service system in the Yangtze River Delta, the platform has achieved certain social and economic benefits, and has provided a basic network security platform for the economic integration of the Yangtze River Delta.
【学位授予单位】:浙江工业大学
【学位级别】:硕士
【学位授予年份】:2014
【分类号】:TP393.08
【参考文献】
相关期刊论文 前10条
1 孟洋,徐向阳;PKI/CA交叉认证体系[J];湖南文理学院学报(自然科学版);2005年01期
2 冯运波,任金强,杨义先;传统PKI与桥CA认证体系[J];电信科学;2002年01期
3 何翔;李思伟;薛建国;;PKI/CA技术应用的探讨与研究[J];计算机安全;2011年08期
4 任金强;刘海龙;;美国联邦PKI(FPKI)的发展与现状[J];电子政务;2005年23期
5 沈洁;蒋朝惠;;基于SOA的CA交叉认证的研究与实现[J];贵州大学学报(自然科学版);2010年01期
6 张全伟;;融合PKI基础设施的信息安全保障技术框架研究[J];信息安全与技术;2012年08期
7 陈建辉;吕尧;;证书策略的分类分级研究[J];信息安全与技术;2012年09期
8 张亮鸣;陈戏墨;;基于PKI CA跨域认证平台的应用[J];信息安全与技术;2013年04期
9 陈占芳;马天宇;宋红伟;李鹏鹏;王欢;蒋振刚;冯欣;;一种交互式身份认证及访问控制安全信息平台的设计与实现[J];长春理工大学学报(自然科学版);2013年Z2期
10 陈月华;闫晓丽;;电子认证服务业政策现状与趋势[J];信息安全与技术;2012年09期
,本文编号:1611395
本文链接:https://www.wllwen.com/guanlilunwen/ydhl/1611395.html