Design and Implementation of a Secure Key Transmission Management System for Resident Medical Insurance Cards
Published: 2018-08-07 11:31
[Abstract]: Today, public services are delivered largely over networks. The network reaches every one of us, its participants are increasingly diverse, and their purposes differ, so network security has become the primary concern in networked applications. Ordinary public-facing network applications that do not involve state security have abandoned the physically isolated private-network model and transmit data over the Internet. This places high new demands on secure network transmission: while ensuring that data transmission is foolproof, it must also address broader concerns such as security, ease of deployment and low cost. In recent years, China's resident social medical insurance has developed rapidly, spreading from first-tier cities to second- and third-tier cities, and in the future it will extend to the large rural population to achieve full coverage. The key carrier of social medical insurance is the resident medical insurance card, and the original centralized card-production model can no longer meet the rapidly growing demand for card issuance and use. Resident medical insurance cards will adopt a remote issuance model, which inevitably places higher security requirements on the card's key transmission management system. Based on an in-depth study of existing approaches to secure network transmission, this thesis proposes a secure transmission system design built on hardware encryption. Using a self-developed, fully domestic encryption chip that integrates the national cryptographic (SM) algorithms, it designs a secure transmission key management system that encrypts data transmitted over the network, which effectively prevents data leakage, protects data integrity and prevents unauthorized tampering.
The thesis first introduces the secure key transmission management system in terms of its overall architecture and describes its workflow in detail. It then covers, under the identity authentication module, digital certificate application, digital authentication, digital certificate renewal and digital certificate destruction. Next, under the data encryption and decryption module, it covers the secure transmission of data packets, the secure transmission of encryption and decryption keys, and the secure transmission of digital envelopes, which combine the two. Finally, it describes in detail how the system's secure transmission is implemented, in terms of the interface communication protocol, network configuration, database configuration and the implementation of each identity authentication function. The secure key transmission management system for resident medical insurance cards takes a hardware encryption chip as its core and, through combined use of the national cryptographic algorithms SM1, SM2 and SM3, provides confidentiality protection, integrity protection and tamper protection for data transmitted over the network. At a time when the national cryptographic algorithms are being strongly promoted, the system thus offers a new approach to secure transmission based on low-level hardware encryption. This approach not only opens a new research direction for low-cost, high-confidentiality solutions but also offers new room for application in secure network transmission in other fields.
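[Degree-granting institution]: Beijing University of Technology (北京工业大学)
[Degree level]: Master's
[Year degree awarded]: 2014
[Classification number]: TP311.52; TN918.4
Article ID: 2169884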
Article link: https://www.wllwen.com/kejilunwen/wltx/2169884.html