| With the fast development of information technologies and network, computer has became an exactly indispensable tool in our daily lives when the information industry of China is developing rapidly. The application of electronic technologies in the affairs of government, has made a tide of computer administration construction and the office automation system(OA) emerged, all of which have rose the effectiveness of people's jobs. Office software now can deal with more and more business and information such as work-scheduling, document transmission, conference arrangement and information issuance and so on. While, with the increased usage of the OA system and the increased storage of data, the security of the OA system has became a prominent and crucial problem.With the security problems within the OA systems, the paper mainly discussed how to take PKI/CA technology into OA system coordinate with real OA system projects. For the security of the whole OA system, we built the basic PKI/CA security platform environment, designed the security tactic for the spanning, delivery, identification, storage and revoking of the certificate. Problems about identity authentication, resist denying for document and secure telecommunication are mainly discussed. The contributions of the paper are denoted as follow:1. High secure identify certification technologyTo identify certification is the first defense line of the OA system, and also the OA system's base of the other application service. This paper is based on double factor authenticate scheme and using USB eKey to store users' personal key under PKI environment. It is easy to append another secure shell to the former password-based low security certification office automation system. It can improve the security level of the OA system.2. The realization of resist denying for documentDocument transmission is one of the key functions of the OA system. The paper adopts digital multi- signatures technology to sign the document in OA system when the one document needs some signatures from different departments .Digital-signature technology is then used to realize the resist denying for document, of which the aim is to realize the authentication (to make sure that the e-document is sent by the sender), the integrality (to make sure that the e-document is not change by anybody) and the resist denying (to make sure that the sender can not deny to economize the sending of his e-document). In that case, using digital multi- signature is more efficiently than these people do many times digital signatures. It means digital multi-signature is not according to the number of people who do the digital signatures.3. To guarantee the secure transmission of the OA system Security is always the basic requirement to information system. Withthe SSL secure transmission protocol, destroying of the data would be prevented to make sure for the confidentiality, integrity and availability of the document and information in the OA system. Meanwhile, PGP (Pretty Good Privacy) technology is used in the article to guarantee the secure transmission of document e-mail.Finally, some of the researches and the realization of the key technology in the realization of OA system are discussed. Conclusion and prospect about OA system are also made in the paper. |