Abstract: The design of certification authority establishment is completed successfully, and the functions of digital certificate are extended by means of building and encoding the authorized extensions items using ASN.1. Furthermore, the RBAC authorization information are appended to user’s certificate to control the owner’s access to objections. Some advantages of this mode are pointed out. The digital certificate avoids the insecure factor in traditional methods.

Key words: digital certificate, access control, certification authority(CA), ASN.1 grammer

摘要： 设计并实现了授权证书(CA)，扩展了数字证书的功能，利用ASN.1语法构造和编码证书授权扩展项，用RBAC中的访问控制信息为证书主体授权以实现证书对资源的访问控制。论述了该方式的优越性。该数字证书避免了传统方式的不安全因素。

关键词: 数字证书, 访问控制, 授权证书, ASN.1语法

CLC Number: 

• TP393.08