| The problem of information security is becoming more and more important in the internet age. Eastablishing a efficient and secure communication architecture is the first question with which governments and enterprise are faced. How guarantee data are transmitted safely is a long-term topic for discussion of digital age. Based on that, the paper presents a digital certificate management system based public key infrastructure, and handles digital certificate management affair by the strategy of role-based access control. By this way, the security and reliability of authority management and data are strengthened.The digital certificate management system is based on browse and server structure. MyEclipse is selected as integrated development environment and Oracle is selected as database. According to software engineering approach, the paper makes an analysis of business needs firstly, then presents system funtion structure chart by the way of oriented-object modeling method to make overall design. The paper divides the whole into seven modules,which are application management, application audit, certificate management, secret key management, limits configuration, log audit and system management. Then designs and implements the seven modules and database respectively. The whole system is based on public key infrastructure. Symmetrical encryption algorithm and asymmetrical encryption algorithm are combined reasonably to generate digital certificate. The system provides secure logon by Ukey and logon by username and password. User and key, user and role are bound respectively, so role-based access control is implemented.System maintainment and management is implemented by three administrators management strategy, which are security administrator, audit administrator and system administrator. The three administrators have different limits and restrain mutually. So that strengthen the security of system. The log audit module makes administrator checking log convenient greatly. |
PDF Full Text Request