XML签名的设计与实现

发布时间：2018-03-30 12:20

  本文选题：XML签名　切入点：XML验证　出处：《电子科技大学》2014年硕士论文

【摘要】：当下越来越多的个人与商业终端正在被连接到Internet或者其他相类似的网络中。这些网络在其中充当着传输数据和提供服务的功能。因此,在诸如此类网络平台上安全的进行数据传输就变成了一个重要的课题。在计算机安全领域,数字签名机制被列为几个重要安全机制之一。它是Internet上事务传输的基础组成部分。笼统地说,数字签名机制有以下几个特性,统一性(Integrity),认证性(Authentification)和不可抵赖性(Non-Repudiation)。另一方面,作为因特网上数据传输的重要载体,XML格式正在充当着一个不可或缺的角色。基于它的统一性和灵活性,XML格式被看作是目前最适合在多元化分布式系统间进行数据传输的方式。XML安全技术主要涉及如下安全问题:XML签名、XML加解密、XML密钥管理规范(XML Key Management Specification简称为XKMS)和安全断言标记语言(Security Assertion Markup Language简称为SAML)本论文的主要研究内容为XML签名技术。为了保证XML文档的安全性,我们使用到了密码学领域的解密、加密、消息摘要和数字签名等方面的知识。使用XML加、解密和XML签名规范的主要内容及根据这些规范,利用编程语言来实现其所具有的功能。为了实现XML的签名、验证、加密和解密功能,实现签名功能的技术方案包括有:签名生成和签名验证两个部分。签名的验证与生成相对应,分别由两个步骤组成:引用验证和签名验证。而依据XML的加密规范,XML加密的整个处理过程为:接受加密密钥、算法和输入数据,将这些参数输入,经过加密处理,最终返回一个元素或者实施明文替换。而实现解密的技术方案与加密方案相反。
[Abstract]:More and more personal and business terminals are being connected to Internet or other similar networks, which act as data transfer and service providers. Secure data transmission on network platforms like this becomes an important issue. In the field of computer security, Digital signature mechanism has been listed as one of several important security mechanisms. It is the basic part of transaction transmission on Internet. In general, digital signature mechanism has the following characteristics: uniformity, authentication and non-repudiation. XML format, as an important carrier of data transmission over the Internet, is playing an indispensable role. Based on its unity and flexibility, XML format is considered to be the most suitable data format among distributed systems at present. XML security technology mainly involves the following security issues: XML signature XML encryption and decryption XML key management specification XML Key Management Specification (XKMS) and security assertion markup language Key Assertion Markup Language (SAMLL) the main contents of this thesis are as follows:. XML signature technology. To ensure the security of XML documents, We use the knowledge of decryption, encryption, message digest and digital signature in the field of cryptography. We use XML encryption, decryption and XML signature specifications, and according to these specifications, In order to realize the signature, verification, encryption and decryption of XML, The technical scheme to realize the signature function includes two parts: signature generation and signature verification. It consists of two steps: reference verification and signature verification. According to the encryption specification of XML, the whole process of encryption is to accept the encryption key, algorithm and input data, input these parameters, and then encrypt them. Finally return an element or implement a clear text replacement. And the implementation of decryption is the opposite of the encryption scheme.
【学位授予单位】：电子科技大学
【学位级别】：硕士
【学位授予年份】：2014
【分类号】：TN918.91
，

本文编号：1685885