基于WPKI的移动办公系统安全模型设计及应用
Design and Realization of Dynamic Target Tracking and Au-tomatic Close-Up Snapshot
摘要: 当前网络安全管理问题面临着严峻的考验,针对现有网络安全模型无法满足基于有线网和无线网的移动OA安全需求现状的缺陷,结合移动OA实际安全需求特点,提出并设计了一种基于WPKI的移动OA安全模型。采用数字证书的认证与授权机制来实现用户身份确认及访问控制,通过数字签名来提供信息的完整性保护与不可否认性,并实现了无线与有线认证系统的统一,成功应用到科茂OA系统中,运行结果表明该安全模型能够很好的保证通信中用户身份安全,保护数据的机密、完整,实现用户行为的不可否认,完全可以满足移动办公的全方位安全需求,可广泛用于各种移动信息系统。
Abstract:
The network security management faces severe challenges currently. To solve the problem that the existing network security model unable to meet the security needs of mobile OA that based on wired or wireless network, we proposed and designed a security model of mobile OA based on the WPKI combined with the security demand characteristics about actual mobile OA. This security model uses digital certificate authentication and authorization mechanism for user identification and access control and provides integrity protection and non-repudiation for information by digital signature. The model unifys wireless and wired authentication system, and it has been applied for Kemao OA system successfully. The running results show that this security model can guarantee communication user identity safety, protect data confidentiality and integrity, and achieves the undeniable for user behavior. The security model we designed meets the mobile office omni-directional security needs completely, and can be widely used in all kinds of mobile information system.