基于OpenSSL的安全Web服务器的设计与实现【毕业作品】.doc

基于OpenSSL的安全Web服务器的设计与实现 摘要：随着计算机网络技术的飞速发展，基于计算机网络诸多业务，如电子商务、电子政务、网上银行迅猛的发展，为人们的生活和工作带来了很多的方便。然而，由于Internet的开放性、灵活性、共享性等特点，也为人们带来了巨大的安全威胁。如何在网络中共享信息的同时更加有效地保障我们的信息不被他人窃取、利用——保护个人的信息安全，已成为人们共同关注的问题。 默认情况下Web服务使用的传输协议是HTTP，而HTTP协议是没有任何加密措施的，服务器和客户之间通讯的所有的信息全部采用明文传输，恶意的攻击者可以通过安装监听程序来获得我们和服务器之间的通讯内容。因此，如何保证服务器和客户之间通讯的安全性，保证双方交易信息的保密性、完整性已成为亟待解决的问题。 本设计基于Linux平台，利用OpenSSL开放源码库，实现了具有安全性的Web服务器，实现了服务器和客户之间的安全通信。服务器端通过出示数字证书进行身份认证，Server同时限定Client也要出示身份验证，实现了更具有可信性的双向认证；通过采用SSL中的加密算法对传输的数据进行加密，以保证双方传输数据的机密性；采用相关哈希函数如MAC，对数据进行验证，以保证数据的完整性，确保信息数据在传输途中不会被非法篡改。从而为完成服务器与浏览器之间的安全通讯提供了保障。 关键词：信息安全；安全套接接字层； OpenSSL； HTTPS The Design and Implementation of Secure Web Server Based on OpenSSL Abstract：With the rapid development of computer network technology, business such as e-commerce, e-government, e-bank based on computer network, has brought a lot of convenience for our daily life. However, due to the openness, flexibility, and sharing of the Internet, it also exposes us to the threat of leaking our personal information. It causes highly heightened concerns to ensure our personal information secured in computer networks, recently. HTTP is used to deliver messages in Web servers, which has no protection in any way. All messages, which can be monitored by attackers, are plaintext in communication between server and client. Thus, it has become an emergency to secure confidentiality, integrity of the information in transactions. In this article, we construct the project using OpenSSL to implement Web server program, which ensure a secure communication between the server and client. Double-sided authentication protects the information from attackers among the server and client through digital certificates. In the framework of SSL, a specific encryption algorithm is used to achieve the confidentiality and one kind of hash algorithms is applied to guarantee the integrity of the data in transmission, which provides a guarantee for the secure communication between the server and browser. K