| 基于服务端密钥存储的网络计算机数字证书系统 | |
| 谭智勇 ; 司天歌 ; 戴一奇 ; TAN Zhiyong ; SI Tiange ; DAI Yiqi | |
| 2010-06-09 ; 2010-06-09 | |
| 关键词 | 数字证书系统 公钥基础设施 网络计算机 安全性 certificate authority(CA) system public key infrastructure(PKI) network computer(NC) security TP368.6 TP393.08 |
| 其他题名 | CA system in network computer environment based on server-end private-key storage mechanism |
| 中文摘要 | 为了解决在网络计算机系统中部署数字证书系统时存在的终端实体对私钥数据的存储需求和网络计算机无本地存储特性的矛盾,提出一种基于服务端密钥存储的网络计算机数字证书应用系统的设计与实现方案。该方案基于公钥基础设施体系架构,采用了随机数、"盐"和多轮迭代等手段保证系统的安全性,并且通过在客户端进行密钥生成和加解密操作的方式实现了系统的可扩展性。系统实现的结果表明:由于无需借助外部密钥存储设备,该系统在保证安全性和可扩展性的同时,实施复杂度和成本均降低。; A design and implementation scheme was devised for a certificate authority(CA) system in network computer environments based on a server-end privatekey storage mechanism to solve the conflict between private-key storage demands of the end-entity and the nonstorage character of network computer systems.The scheme was based on the public key infrastructure(PKI) architecture with system security achieved by various means such as random numbers,salt,and multiple round iterations.The scheme also ensures system scalability by assigning key derivation and encryption/decryption operations to the client-end.System implementation tests show that the system complexity and cost are reduced without impairing system security and scalability because external private-key storage equipment is not needed.; 国家“八六三”高技术项目(2005AA114160) |
| 语种 | 中文 ; 中文 |
| 内容类型 | 期刊论文 |
| 源URL | [http://hdl.handle.net/123456789/55579]  |
| 专题 | 清华大学 |
| 推荐引用方式 GB/T 7714 | 谭智勇,司天歌,戴一奇,等. 基于服务端密钥存储的网络计算机数字证书系统[J],2010, 2010. |
| APA | 谭智勇,司天歌,戴一奇,TAN Zhiyong,SI Tiange,&DAI Yiqi.(2010).基于服务端密钥存储的网络计算机数字证书系统.. |
| MLA | 谭智勇,et al."基于服务端密钥存储的网络计算机数字证书系统".(2010). |
| 个性服务 |
| 查看访问统计 |
| 相关权益政策 |
| 暂无数据 |
| 收藏/分享 |
除非特别说明,本系统中所有内容都受版权保护,并保留所有权利。
修改评论