中国科学院软件研究所机构知识库
Advanced  
ISCAS OpenIR  > 中科院软件所  > 中科院软件所
题名:
安全WWW服务器的设计与实现及PKI体系的设计
作者: 熊雁凌
答辩日期: 2001
专业: 计算机应用技术
授予单位: 中国科学院软件研究所
授予地点: 中国科学院软件研究所
学位: 博士
关键词: 安全模型 ; BLP模型 ; Web服务器 ; 身份认证 ; 访问控制 ; 数据加密 ; 证书 ; 公钥体系 ; PKI公钥基础设施 ; SSL安全套接层 ; 摘要算法
摘要: Web服务器能够灵活地提供各种格式的、内容丰富的信息,能够优化信息的管理。另外Web服务的客户端可以运行在任何的操作系统平台之上,突破平台桎梏。所以Web服务越来越多的应用于各种领域,其中的热点有电子商务交互平台、企业内部信息发布管理系统。这些都是能够接触到敏感信息的应用。因此有力的保障信息交互的安全、可靠,是发展电子商务和企业信息平台的关键。安全WWW服务器是构成安全的电子商务、可信的企业信息平台的核心功能部件,对保证Web服务系统的正常运行,保障企业安全策略的正确实施,维护商务及信息的可靠性等都具有十分重要的意义。本文旨在论述基于增强BLP模型的安全WWW服务器的设计原则和具体的实现方法,同时提出建立PKI公钥基础设施的构想。内容组织如下:首先介绍了Bell-LaPadula模型(简称BLP模型);根据对BLP模型的分析提出对它的改进,形成设计的理论基础——增强BLP模型。然后,按照功能的分类,对安全WWW服务器的设计原则逐一阐述;这里分为五大功能模块分别是身份认证、访问控制、数据加密、证书及密钥、以及管理模块。最后,提出一个实现PKI公钥基础设施的可行方案;同样按照功能分为CA认证中心、证书库、密钥备份及恢复系统、证书撤销系统四个服务器端的模块。最后,提出了它的应用前景。
英文摘要: Web server can flexibly provide us with a wide range of data format and plenty of information, it also maintain and optimize the management of information. Furthermore, the client side of web server can be run at any platform of operating system. So web server become more and more important and used in all sort of areas. The hot spot among those are the electronic business interact platform, Intranet information distribute and manage system. Yet this information tangles with something that needs great cautious. There must be some strong support to make sure the information float in a secure and reliable way, this is very crucial to the success of the electronic trade. The Secure WWW Server is the kernel of electronic trade and information platform of a enterprise. It guaranties the web server system to run normally and maintain the correct execution of secure police of the enterprise and help to establish the trusty of the commerce and information. This paper is intend to discuss Secure WWW Server's design principal and detail implementing method based on the enhance BLP model, it also suggests a way to establish the PKI. It is organized as follow: First, I make a brief introduction of Bell-LaPadula model (BLP model); a detailed analyze on BLP model and the improvement on it which formed the theoretic base of my design, the enhanced BLP model. Then, according the functional category, I present in detail the Secure WWW server design rules. Here I show in five blocks: identification authorization, access control, data encryption, certification and decryption/encryption keys, and manage model. In the last, I provide a solution to implementation PKI; It contains the CA center, certification database, key backup and restore system, and cortication release. Finally I show some aspect of the application in the future.
语种: 中文
内容类型: 学位论文
URI标识: http://ir.iscas.ac.cn/handle/311060/6394
Appears in Collections:中科院软件所

Files in This Item:
File Name/ File Size Content Type Version Access License
LW004439.pdf(2056KB)----限制开放-- 联系获取全文

Recommended Citation:
熊雁凌. 安全WWW服务器的设计与实现及PKI体系的设计[D]. 中国科学院软件研究所. 中国科学院软件研究所. 2001-01-01.
Service
Recommend this item
Sava as my favorate item
Show this item's statistics
Export Endnote File
Google Scholar
Similar articles in Google Scholar
[熊雁凌]'s Articles
CSDL cross search
Similar articles in CSDL Cross Search
[熊雁凌]‘s Articles
Related Copyright Policies
Null
Social Bookmarking
Add to CiteULike Add to Connotea Add to Del.icio.us Add to Digg Add to Reddit
所有评论 (0)
暂无评论
 
评注功能仅针对注册用户开放,请您登录
您对该条目有什么异议,请填写以下表单,管理员会尽快联系您。
内 容:
Email:  *
单位:
验证码:   刷新
您在IR的使用过程中有什么好的想法或者建议可以反馈给我们。
标 题:
 *
内 容:
Email:  *
验证码:   刷新

Items in IR are protected by copyright, with all rights reserved, unless otherwise indicated.

 

 

Valid XHTML 1.0!
Copyright © 2007-2017  中国科学院软件研究所 - Feedback
Powered by CSpace