基于XKMS的密钥证书管理系统的设计和实现-检测技术与自动化装置专业论文.docxVIP

Designing Designing and Implementing the Key Certificate Management System based the XKMS Major：Detection Technology and Automatic Name： Ld Jing Supervisor：Lfi Zhiming ABSTRACT After having analyzed and researched the algorithms from Sun’s JKS and SunJCE’s JCEKS，the author designed and implemented the KCMS(Key Certificate Management System)．The JKS and JCEKS don’t protect the sensitive information in the keystore file which generated by the two algorithms，so from the point，the KCMS the Password—based Encryption— PBEWithSHAIAndDESede protect the sensitive information preserved in the key certificate management system．The author designed the security provider and keystore algorithm the basis of the specification of the KeyStoreSP[class in the Java language．The algorithm cat7．be easily used by other applications．As result of the using the hash—table which is used the keys and certificates，the system search the related entries in high speed． The author researched the growing trend of the PKI and the XKMS(XML Key Management Specification)and designed the KCMS which could accomplish the client function of the XKMS．Not only the KCMS read，store．10cate and verify the X．509 certificates but also support the reading，locating and verif、ying other PKI certificates based the XML Signature and XML Encryption． The KCMS is up the Java 2 platform which is crossing—plattbrm and very sate，so it be the Windows，Linux，etc without any change．Because the KCMS don‘t need the database manage the keys and certificates，it lighten the designing of the client and be used in the embedded devices．The module of the KCMS has some researching and applying values． Key Words：PKI．XKMS．Java，keystore 端于XKMS的密宅【；l证书管理系统的殴计和实现第1章 端于XKMS的密宅【；l证书管理系统的殴计和实现 第1章 引言 i．1 课题研究的背景和现状 随着网络技术和计算机技术的飞速发展，我围信息化建设也取得了 较大的成就，从“政府网上办公一电子政务”到“企业网匕交易一电子商 务”，信息网络已经渗透到各行各业和人民的生活中。网络正逐步改变着 人们的生产和生活方式，推动着社会进步和机制、体制的不断改革。伴随 着国内信息化建设高潮而来的计算机和网络犯罪也不断出现，信息安全问 题日益突显出来，信息网络的安全一旦遭受破坏，其影响或损失将十分巨 大。信息安全已经成为一个关系到幽家经济、政治、军事等多方面的重要 问题。目前，