作者投稿和查稿 主编审稿 专家审稿 编委审稿 远程编辑

计算机工程 ›› 2007, Vol. 33 ›› Issue (11): 147-150. doi: 10.3969/j.issn.1000-3428.2007.11.054

• 安全技术 • 上一篇    下一篇

基于入侵容忍的CA认证中心设计

郭 萍   

  1. (南京信息工程大学计算机系,南京 210044)
  • 收稿日期:1900-01-01 修回日期:1900-01-01 出版日期:2007-06-05 发布日期:2007-06-05

CA Design Based on Intrusion Tolerance

GUO Ping   

  1. (Dept. of Computer, Nanjing University of Information Science & Technology, Nanjing 210044)
  • Received:1900-01-01 Revised:1900-01-01 Online:2007-06-05 Published:2007-06-05

摘要: 从PKI的核心部件CA入手,将入侵容忍的概念引入CA中,给出了一个可行的基于入侵容忍技术的CA认证中心设计方案。论述了基于入侵容忍CA认证中心的体系结构、各组件间的相互作用、基于入侵容忍的CA签名方案及整个系统的工作过程。针对系统的不足之处,指出了未来工作中需要改进的地方。

关键词: PKI, CA, 入侵容忍, 数字签名

Abstract: Beginning with the kernel of PKI, which is certificate authority, this paper brings the concept of intrusion tolerance to CA, and gives a feasible scheme of CA based on intrusion tolerance. The most important part is that it discusses the system architect, a digital signature of CA based on intrusion tolerance, and the working process of the whole system. Aiming at some shortcomings, it points out where to be improved in the future.

Key words: PKI, CA, Intrusion tolerance, Digital signature

中图分类号: