HU Xiao-qin,LI Tao,ZHAO Kui,LU Zheng-tian,ZHAO Qing-hua

DOI: https://doi.org/10.3969/j.issn.1001-3695.2008.08.057

2008-01-01

Abstract:To improve simplicity,integration and cost of certificate issuance,this paper introduced the registry agent placed registry agent between CA and applications.Integrated certificate issuance and applications user-right assignment.It gave the certificate application proccess. It implemented the certificate issuance system based on Web services with system and platform independence.In practice,it is showed that the system impoves the simplicity,integration and cost of certificate issuance.

Xuesong QUE,Yuming Yao,Shanping LI,Ming GUO,Xiaoqiang Dong

DOI: https://doi.org/10.3969/j.issn.1000-3428.2001.01.010

2001-01-01

Abstract:This paper presents the design and implementation of a Web-based 3-tiered computer aided quality (CAQ) System OL-CAQ, as a sub-system of a CIMS system OL-CIMS. The cons and pros of those tranditional Client/Server architectures vs. 3-tiered Client/Server architectures are also presented, and the implementation of the Web-based 3-tiered OL-CAQ system is outlighted.

刘基,康慕宁,邓正宏

DOI: https://doi.org/10.3969/j.issn.1002-2279.2009.03.011

2009-01-01

Microprocessors

Abstract:Based on the discussing of the Digital Certificate and Certification Authority on the Internet,with the purpose of improving the usability within the enterprise and reducing the enterprise's expenditure on using Digital Certificate,deeply analyzes the structural design of the digital certificate's self-certification within the enterprise.This design has been successfully implemented in the Windows system by combining OpenSSL software package,and using Socket.The structure of the design blends the application system of the enterprise into aunity.The design itself is simple and convenient,has bright prospects in theories and applications.

Liu Duan-yang,Pan Xue-zeng,Ping Ling-di

DOI: https://doi.org/10.1631/jzus.2003.0555

2003-01-01

Abstract:Distributed certification via threshold cryptography is much more secure than other ways to protect certification authority (CA)'s private key, and can tolerate some intrusions. As the original system such as ITTC, etc., is unsafe, inefficient and impracitcal in actual network environment, this paper brings up a new distributed certification scheme, which although it generates key shares concentratively, it updates key shares distributedly, and so, avoids single-point failure like ITTC. It not only enhances robustness with Feldman verification and SSL protocol, but can also change the threshold (t, k) flexibly and robustly, and so, is much more practical. In this work, the authors implement the prototype system of the new scheme and test and analyze its performance.

宣蕾,吴泉源,王怀民

DOI: https://doi.org/10.3969/j.issn.1002-137X.2000.11.010

2000-01-01

Computer Science

Abstract:We studied and implemented a Certificate Authority(CA)server software to issue the Digital Certificate which uses for secure authentication over Internet in this paper,includes:generating the RSA key pair and management of the Digital certificate,e.g.generating a certificate request,generating a certificate,signing/verifying a certificate and revoking a certificate.Now the CA server that we implemented has passed the test.The conclusion is that the CA server measures up the correlative internationalstandard and it can offer the practical applications.

LIU Xiao-hong

DOI: https://doi.org/10.3969/j.issn.1673-0461.2006.06.008

2006-01-01

Abstract:Digital identity certification(CA certification) is important to prevent E-commercial risk.Since 2002,China has begun digital identity certification in E-commerce.This paper briefly introduces administration and legal basis of CA certification,its function and structure in China.It also analyzes the major problems in the current system in China,and puts forward some measures to prevent the risk in E-commerce.

DING Hui-chun,GU Jian-hua,ZHANG Fan,LIU Gang

DOI: https://doi.org/10.3969/j.issn.1001-3695.2005.03.044

2005-01-01

Abstract:As an important component of E-Government system,electronic seal middleware provides the function service for E-Government System, and basically solves the problem of stamping the seal and signature in electronic document, distinguish the identity of operation, ensure the electronic document authenticity,integrality,confidentiality and cannot denying. This paper brought forward the safety solution of electronic middleware based on public key infrastructure, and analysed the design and realization of electronic seal middleware in detail.

WANG Rui-gang,ZHU Zhi-xiang

DOI: https://doi.org/10.3969/j.issn.1009-8054.2010.10.031

2010-01-01

Abstract:With promulgation of the instructions for China count-level e-government based on Internet,the county-level e-government construction enters a rapid development phase,the security risks from Internet,working circumstance and personnel quality increase remarkably,and the security management becomes the key factor in security strategies for countylevel e-government.In order to ensure the security of county-level e-government,this paper analyzes the security management features of the county-level e-government,presents an integrated security management architecture,tells of the important content of security management,discusses the management framework for security rules.Finally,this paper emphasizes that this integrated security management architecture is an effective means for ensuring the security of county-level e-government.

WANG Zhi-ming,LI Tao,HU Xiao-qin,LIU Ying-na,HUANG Rui

DOI: https://doi.org/10.3969/j.issn.1671-0428.2009.01.026

IF: 5.105

2009-01-01

Computers & Security

Abstract:In this paper, to satisfy the confidentiality, integrity and non-repudiation of the data in the e-government, a security strategy for e-Government based on Internet is presented. The strategy adopts PKI system to implement authentication, it adopts storage encryption and transmission encryption system to ensure security of data transmission and storage, it adopts a disaster recovery system to resist the disaster, it adopts watermarking log system to ensure the integrity and non-repudiation of the system log, it adopts access control strategy system to implement strict access control in terms of different security ranks.

Xiao-ping LI,Hong ZHONG,Yan DING,Zhi XIANG,Hai-sheng HU,Xue-lin WU,Qi ZHANG,Jian-xue ZHU

DOI: https://doi.org/10.3969/j.issn.1004-0579.2002.02.020

2002-01-01

Journal of Beijing Institute of Technology

Abstract:A safe and reliable application system frame based on Internet and Intranet for Stock Supervision and Administration Council of China is built up. An all-sided, multi-tier and multi-technical security method has been adopted, which includes identity recognition, data encryption, digital signature, Domino and WWW servers, access control list, directory service, certificate authorization server, IC card and so on. The recognition system based on CA server is a high efficient, convenient and reliable system. The encryption technology and security method are proved to be reliable. The recognition system is of high security and is worthy of being popularized in some places where some special security requirements need meeting. Multi-tier technology can improve the security of database. Double keys method is a useful data encryption method.

LI Yong-jun,ZHOU Wen-hui

DOI: https://doi.org/10.3969/j.issn.1000-7024.2006.15.007

2006-01-01

Abstract:As the functions and ways of management are different between enterprise's CA system and standard CA system,it is hard for enterprise to design a network security system to keep secret,identify,digital signature and compress,but by making use of CA digital certification and current existed encryption methods synthetically and reasonably,a preferable network security strategy is achieved.On the base of the designed network security strategy,a prototype system for enterprise's CA system is studied and realized.Because the procedure of authentication in enterprise is less complicated than the reality CA system,the implementation of enterprise's CA system is not following the standard model.

xin yunwei,lu guizhang

2001-01-01

Abstract:This paper discusses the conception of certification authority center and digital certificate, brings forward a kind of scheme for certification authority center, develops a prototype system, and also presents the process of validating.

Liu HongWei,Xie WeiXin

DOI: https://doi.org/10.3969/j.issn.1008-0570.2007.18.063

2007-01-01

Abstract:To solve the difficulty of the exchange of documents among different departments, an electronic documents exchange plat- form which spans different networks of government is presented, at the same time, with the identity- based cryptography and the ellip- tic curve encryption arithmetic, a security identity- based electronic documents exchange modal is put forward. It provides a secured safeguard for the random exchange of electronic documents among different networks. The result shows that the suggested scheme is available, safe and sufficient.

Liu Hongwei,Yu Jianping

DOI: https://doi.org/10.3969/j.issn.1001-4373.2007.04.030

2007-01-01

Abstract:According to the current demand of project management in E-government,a model of secure E-government online declaration system based on identity-based encryption was proposed.The model is based on identity-based cryptography,so as to overcome some problems posed by traditional authentication model based on PKI.Moreover,online declaration and the exchange of important information about government in WWW are supported in this model.Especially,the security and efficiency of the model are analyzed.It is showed that the proposed model is secure and efficient.

王秀琴,华蓓

DOI: https://doi.org/10.3969/j.issn.1001-3695.2001.02.043

2001-01-01

Abstract:By the theory of public key infrastructure PKI and theauthentication structure of electronic transaction system, this paper puts forward a design scheme of enterprise security communication platform based on certificate authority (CA), gives a model and analyses the system's security in detail.

MAO Chang,LIU Xiao-jie,LI Tao,HU Xiao-qin,SHA Kai-bo,ZHANG Xing-su,CHENG Xiao-xiao

DOI: https://doi.org/10.3969/j.issn.1001-3695.2007.09.033

2007-01-01

Abstract:This paper presended a PKI-based secure management mechod for electronic documents(SMMED).This method provided some secure services in high degree,including confidentiality,integrity and nonrepudiation.This paper first de- scribed SMMED's theoretical model,then introduced the architecture of a sealed bid auction system which adopted SMMED, and finally listed the advantages of this method.

CHAI Yueting,YU Xiao,HUANG Yadong

DOI: https://doi.org/10.16511/j.cnki.qhdxxb.2018.26.020

2018-01-01

Abstract:E-commerce needs secure electronic invoices to eliminate paper-based invoices and problems of not billing,virtual billing,false invoices and other issues.This paper presents an electronic invoice concept with electronic invoice management and a public service model for automatic generation,centralized management,online inspection and intelligent service of electronic invoices.This paper presents the overall structure of the electronic invoice management and public service system that includes a secure electronic invoice issuing system,a regional electronic invoice information management and service platform,an electronic invoice information exchange and a sharing platform. This paper also describes the system implementation and verification as a foundation for a tax management and service method to meet e-commerce development needs.

Yong GUO

DOI: https://doi.org/10.3969/j.issn.1006-6055.2014.05.006

2014-01-01

Abstract:The own protection mechanism of PKCS#12 certificate file is analyzed reversely and researched for the deployment of digital certificates.Based on one-time password and three-tier architecture model of mobile terminal,client and server,a authentication certificate deployment system,the One-time-pass of Authentication Deployment System(OTPDSYS)is pro-posed.Its good properties in terms of identification provide a more secure,robust deployment of digital certificates and au-thentication solutions that can be widely used,such as in authentication,certification and software licensing.

Xu Xiaolin,Zhang Ningying

2012-01-01

Abstract:With the electronic identity cards,electronic passports,electronic driver's license and other electronic documents becoming increasingly important as public personal information carriers,and by means of e-government network infrastructure and continuous improvement of management system and applications,it becomes a trend that electronic certificates are regarded as new carriers of public service information resource sharing and public services.Based on the government's public service information resource sharing theory and the characteristics of RFID technology,this paper raises a new information technology platform infrastructure,which loosely managing but tightly integrating the RFID technology,the document management and the government's public service information resources.Then combined with a practical case of electronic real estate license information service platform,the paper explains the application of scientific framework.Finally,this paper conducts a preliminary analysis and discussion about the constraints and countermeasures in promoting e-government public service information resource sharing.

Qianmu Li,Qiugan Shi,Jun Hou,Yong Qi,Hong Zhang

DOI: https://doi.org/10.1007/978-3-642-34062-8_12

2012-01-01

Abstract:With high-speed move and frequent cross-domain, the problem of certificate authority (CA) is a security bottleneck in the Satellite-Earth (S&E) Integration Network. A mobile-certificate authority Method based on PKI (Public Key Infrastructure) is proposed in this paper. Based on the RSA algorithm, the method realizes the anonymous authentication between neighboring nodes. It distributes the private key component to n nodes according to the threshold theory, and then realizes multi-node collaboration certification and dynamic permission-recovery. In addition, combining with distributed authentication and chain certification, this paper achieves distributed PKI and provides certification basis for high-speed nodes. This method frame, which is no-central, self-adaptive and traceable, could fulfill the quality of the S&E Integration Network. The experiments showed that the success rate and safety of it is much better than traditional distributed certification method. The method has far-reaching military value