数字签名技术在密级标识中应用研究

发布时间：2018-02-01 02:50

本文关键词： 密级标识数字证书数字签名数字化定密　出处：《杭州电子科技大学》2015年硕士论文　论文类型：学位论文

【摘要】：自新保密法于2010年颁布以来,保密领域的信息化工作依法有序地展开。按照《涉及国家秘密的信息系统分级保护技术要求》(BMB17-2006)的相关定义,密级标识必须符合以下特性:不可分离和不可篡改。密级标识管理至少需要做到以下几点:密级标识生成;密级标识的提取;基于密级标识的秘密管理;基于密级标识的技术防护体系;基于密级标识的秘密检查。本文以密级标识的管理为背景,设计了一套适应密级标识管理要求的系统。系统以基于数字证书的PKI系统为框架,为定密管理系统提供密级标识的添加、提取、修改、去除、验证等服务,从而减轻了定密管理系统中密级标识管理的负担。通过对现有密级标识管理工作的分析,总结得出,将数字签名技术应用于密级标识管理系统,能保证密级标识管理的安全性。因此,本文将原有PKI系统进行扩展,实现对密级标识的权限管理。此外,为解决不同格式文件添加密级标识困难的问题,本文提出一种利用虚拟打印的方法来实现密级标识的自动添加,并结合XML格式来存储密级标识扩展属性信息、权限信息、跟踪信息,实现对密级标识提取、验证、跟踪。本系统还设计了一种私有文件格式,确保涉密文件和密级标识存储、传输安全。
[Abstract]:Since the new Secrets Act was enacted on 2010. The information work in the field of secrecy has been carried out in an orderly manner according to the relevant definitions of BMB17-2006 in accordance with the Technical requirements for hierarchical Protection of Information Systems involving State Secrets. The secret level identification must conform to the following characteristics: inseparability and non-tampering. The management of the secret level identification must do the following at least: the generation of the secret level identification; Extraction of secret class identification; Secret management based on classified identification; The technical protection system based on the classified marking; Based on the secret inspection of the secret level identification, this paper designs a set of system to meet the requirement of the secret level identification management. The system is based on the PKI system based on digital certificate. Provide the service of adding, extracting, modifying, removing, verifying and so on for the secret management system. In order to reduce the burden of classified identification management in the classified management system, through the analysis of the existing classified identification management work, it is concluded that the digital signature technology is applied to the classified identification management system. Therefore, this paper extends the original PKI system to realize the privilege management of the secret level identity. In addition, it solves the problem of adding the secret level identification to different format files. In this paper, a method of virtual printing is proposed to automatically add secret class identification, and XML format is used to store extended attribute information, privilege information, trace information and extract secret level identification. Verification, tracking. This system also designed a private file format to ensure the storage of confidential files and secret identification, transmission security.
【学位授予单位】：杭州电子科技大学
【学位级别】：硕士
【学位授予年份】：2015
【分类号】：TN918.91

【共引文献】