基于AXIS2的安全模型系統(tǒng)

摘  要
     隨著電子政務(wù)和電子商務(wù)不斷推進，互聯(lián)網(wǎng)上的安全問題已經(jīng)日益突山，建立完善的電子認證體系成為電子政務(wù)和電子商務(wù)能否穩(wěn)定發(fā)展的關(guān)鍵。 以數(shù)字安全證書為核心的PKI(Public Key Infrastructure公鑰基礎(chǔ)設(shè)施)技術(shù)正在日趨成熟，PKI技術(shù)采用證書管理公鑰，通過第三方的可信任機構(gòu)認證中心CA(Certificate Authority)，把要傳輸?shù)臄?shù)字信息進行加密和簽名，保證信息傳輸?shù)臋C密性、真實性、完整性和不可否認性，從而保證信息的安全傳輸。其應(yīng)用已覆蓋了安全電子郵什、虛擬專用網(wǎng)絡(luò)(VPN)、Web交互安全、電子數(shù)據(jù)交換、Internet上的信用卡交易等，涉及電子商務(wù)、電子政務(wù)、電子事務(wù)安全等諸多領(lǐng)域。 本文首先介紹了CA認證的理論和技術(shù)和PKI體系的基本理論，重點分析了PKI加密技術(shù)及其涉及的關(guān)鍵技術(shù)，然后簡述了國內(nèi)外PKI／CA認證體系的概況，分析了國內(nèi)CA認證的現(xiàn)況，及CA建設(shè)中存在的問題。 針對貴陽CA認證中心，本文從GYCA系統(tǒng)需求入手，從應(yīng)用的角度討論了系統(tǒng)架構(gòu)、模塊的組成、原理、相互關(guān)系，分析了系統(tǒng)功能的實現(xiàn)技術(shù)。根據(jù)貴陽CA認證中心的實際工作流程、系統(tǒng)安全性的考慮以及實際應(yīng)用情況，討論了CA認證在電子政務(wù)中的實際應(yīng)用，研究PKI／CA認證技術(shù)在電子政務(wù)中的可行性。 PKI／CA的應(yīng)用已經(jīng)十分廣泛，本文以PKI／CA在電子政務(wù)中的實際應(yīng)用，在貴陽市公務(wù)員安全電子郵件系統(tǒng)的基礎(chǔ)上，結(jié)合系統(tǒng)實際，通過研究系統(tǒng)的功能特點、基礎(chǔ)架構(gòu)以及信息安全、提升應(yīng)用安全、深化應(yīng)用安全等方面，闡述了PKI／CA認證體系在系統(tǒng)中的運用，分析了提供加密功能的郵件安全改造，著重研究CA認證在電子政務(wù)中的應(yīng)用，而是用WEB SERVICE,AXIS2 能夠極大的保證系統(tǒng)的安全性。
因此，該系統(tǒng)實現(xiàn)了保密性、完整性、不可否認性等方面的安全需求，具有良好的實用價值和應(yīng)用推廣價值。
關(guān)鍵詞:糾紛仲裁，數(shù)字簽名，CA身份認證，抗抵賴性，WEB SERVICE,AXIS2

Abstract
This class performance management system for students were analyzed and studied. According to research, the current classes of students in many schools still use the paper signature performance management or directly transmitted without encryption in the online student course performance. The teacher will score the paper signature is printed on paper, and then be signed, its disadvantage is inconvenient to carry or store; transmitted without enc-krypton in the online results, then teachers may be uploaded to deny the results, the administrator From the results of the tampering and interception by others during transmission and so on. The digital signature technology in the identification and authentication, data integrity, anti-denial, and so has other technical advantages can not be replaced; it can achieve the results of security encryption. Therefore, the authors propose a class of students based on digital signature performance management system.
  The system to SQL Server 2000 and JAVA as a development platform, the use of B / S architecture and C / S architecture combination to ensure system availability and security. Performance management system to achieve the students, college management, class management, curriculum management, teacher information management, public private key pair generation, signature verification and other functions results. B / S architecture is the system easy to install, affordable and small browser features, however, produced under the framework of public and private key pair and the online transmission is very secure. Therefore, the combination of C / S architecture, the system provides the public and private key pair generation and signature verification plug-in plug, so that public and private key pair generation and signature performance on the client side encryption. Teachers in public and private keys generated on the client after the first CA's public key public key encryption for teachers, and then uploaded to the server, then decrypted on the server-side.
  In addition, to address controversial issues in future student achievement, student performance on the client first with the education Division of the private key signature, and then use the CA's public key encryption, and finally uploaded to the server, the server-side decryption, get the original results. Performance while preserving the signature database, the original score and upload the data and time information to provide authentication capabilities to address the performance accountability when doubts arise. But with WEB SERVICE, AXIS2 can greatly ensure the security of the system.
   Therefore, the system realizes the confidentiality, integrity, non-repudiation and other security needs have good practical value and application value.
Keywords: dispute arbitration, digital signature, authentication, repudiation of

WEB SERVICE,AXIS2

目 錄
摘  要 I
Abstract II
目 錄 IV
第一章 緒論 1
1.1課題的背景和意義 1
1.2數(shù)字簽名技術(shù)的國內(nèi)外研究現(xiàn)狀 1
1.3本文主要研究內(nèi)容 3
1.4本文結(jié)構(gòu)與主要特點 4
第二章 公鑰密碼及數(shù)字簽名算法 6
2.1公鑰密碼概述 6
2.2 RSA密碼系統(tǒng) 8
2.3數(shù)字簽名 9
2.3.1數(shù)字簽名概述 9
2.3.2帶加密的數(shù)字簽名 10
2.4數(shù)字簽名算法 12
2.4.1數(shù)字簽名算法RSA 12
2.4.2數(shù)字簽名算法DSA 12
2.5學(xué)生成績簽名上傳及分數(shù)驗證功能原理分析 14
2.6 本章小結(jié) 15
第三章 系統(tǒng)分析 16
3.1問題分析 16
3.1.1問題的定義 16
3.1.2問題的提出 16
3.2系統(tǒng)設(shè)計目標(biāo) 17
3.3可行性分析 18
3.3.1技術(shù)可行性 18
3.3.2經(jīng)濟可行性 18
3.4需求分析 18
3.4.1系統(tǒng)需求 19
3.4.2功能需求 19
3.4.3環(huán)境需求 20
3.4.4 安全性需求 21
3.5系統(tǒng)設(shè)計開發(fā)工具和環(huán)境分析 21
3.5.1 JAVA簡介 22
3.5.2 Web應(yīng)用程序開發(fā)環(huán)境—JSP技術(shù) 22
3.5.3 Tomcat應(yīng)用服務(wù)器 22
3.5.4 Sql Server2000 23
3.5.5 B/S 開發(fā)模式 23
3.6開發(fā)框架技術(shù) 25
3.6.1 Struts技術(shù) 25
3.6.2 Hibernate技術(shù) 26
3.6.3 AJAX技術(shù)介紹 26
3.6.4 JDBC技術(shù)介紹 27
3.7數(shù)據(jù)流圖 28
3.8 本章小結(jié) 30
第四章 系統(tǒng)設(shè)計 31
4.1總體設(shè)計 31
4.1.1架構(gòu)設(shè)計 31
4.1.2系統(tǒng)模塊圖 32
4.1.3模塊設(shè)計 35
4.1.4系統(tǒng)總體流程圖 37
4.2系統(tǒng)工程的流程思想 38
4.3面向?qū)ο髾C制的設(shè)計思想 38
4.4代碼分層思想 38
4.5系統(tǒng)設(shè)計分析 39
4.6系統(tǒng)功能用例圖 39
4.6.1 系統(tǒng)的用例圖 39
4.6.2 系統(tǒng)部分模塊類圖 41
4.7 本章小結(jié) 42
第五章 數(shù)據(jù)庫設(shè)計 43
5.1 數(shù)據(jù)庫的分析 43
5.2 數(shù)據(jù)庫概念結(jié)構(gòu)設(shè)計 43
5.3 數(shù)據(jù)庫邏輯結(jié)構(gòu)設(shè)計 46
第六章 系統(tǒng)部分功能模塊的實現(xiàn) 50
6.1關(guān)鍵技術(shù)的實現(xiàn) 50
6.2部分功能模塊的實現(xiàn) 52
6.2.1登陸界面 52
6.2.2 主界面 52
6.3管理員插件與教師插件的設(shè)計 57
6.3.1管理員插件的設(shè)計 58
6.3.2教師插件的設(shè)計 59
6.4 本章小結(jié) 68
第七章 系統(tǒng)測試與維護 69
7.1 測試目的 69
7.2 系統(tǒng)測試 69
7.2.1 JSP的中文亂碼問題 70
7.2.2表單和表格打印問題 70
7.2.3數(shù)據(jù)庫時間字段以及頁面中的時間顯示問題 70
總  結(jié) 72
致  謝 73
參考文獻 74

題目 基于AXIS2安全模型設(shè)計





姓 名 ___
院 系 軟件工程學(xué)院 _
專 業(yè) ___________________
班級學(xué)號 __________
指導(dǎo)老師 ____________

摘 要
隨著電子政務(wù)和電子商務(wù)不斷推進，互聯(lián)網(wǎng)上的安全問題已經(jīng)日益突山，建立完善的電子認證體系成為電子政務(wù)和電子商務(wù)能否穩(wěn)定發(fā)展的關(guān)鍵。 以數(shù)字安全證書為核心的PKI(Public Key Infrastructure公鑰基礎(chǔ)設(shè)施)技術(shù)正在日趨成熟，PKI技術(shù)采用證書管理公鑰，通過第三方的可信任機構(gòu)認證中心CA(Certificate Authority)，把要傳輸?shù)臄?shù)字信息進行加密和簽名，保證信息傳輸?shù)臋C密性、真實性、完整性和不可否認性，從而保證信息的安全傳輸。其應(yīng)用已覆蓋了安全電子郵什、虛擬專用網(wǎng)絡(luò)(VPN)、Web交互安全、電子數(shù)據(jù)交換、Internet上的信用卡交易等，涉及電子商務(wù)、電子政務(wù)、電子事務(wù)安全等諸多領(lǐng)域。 本文首先介紹了CA認證的理論和技術(shù)和PKI體系的基本理論，重點分析了PKI加密技術(shù)及其涉及的關(guān)鍵技術(shù)，然后簡述了國內(nèi)外PKI／CA認證體系的概況，分析了國內(nèi)CA認證的現(xiàn)況，及CA建設(shè)中存在的問題。 針對貴陽CA認證中心，本文從GYCA系統(tǒng)需求入手，從應(yīng)用的角度討論了系統(tǒng)架構(gòu)、模塊的組成、原理、相互關(guān)系，分析了系統(tǒng)功能的實現(xiàn)技術(shù)。根據(jù)貴陽CA認證中心的實際工作流程、系統(tǒng)安全性的考慮以及實際應(yīng)用情況，討論了CA認證在電子政務(wù)中的實際應(yīng)用，研究PKI／CA認證技術(shù)在電子政務(wù)中的可行性。 PKI／CA的應(yīng)用已經(jīng)十分廣泛，本文以PKI／CA在電子政務(wù)中的實際應(yīng)用，在貴陽市公務(wù)員安全電子郵件系統(tǒng)的基礎(chǔ)上，結(jié)合系統(tǒng)實際，通過研究系統(tǒng)的功能特點、基礎(chǔ)架構(gòu)以及信息安全、提升應(yīng)用安全、深化應(yīng)用安全等方面，闡述了PKI／CA認證體系在系統(tǒng)中的運用，分析了提供加密功能的郵件安全改造，著重研究CA認證在電子政務(wù)中的應(yīng)用，而是用WEB SERVICE,AXIS2 能夠極大的保證系統(tǒng)的安全性。
因此，該系統(tǒng)實現(xiàn)了保密性、完整性、不可否認性等方面的安全需求，具有良好的實用價值和應(yīng)用推廣價值。
關(guān)鍵詞:糾紛仲裁，數(shù)字簽名，CA身份認證，抗抵賴性，WEB SERVICE,AXIS2





Abstract
This class performance management system for students were analyzed and studied. According to research, the current classes of students in many schools still use the paper signature performance management or directly transmitted without encryption in the online student course performance. The teacher will score the paper signature is printed on paper, and then be signed, its disadvantage is inconvenient to carry or store; transmitted without enc-krypton in the online results, then teachers may be uploaded to deny the results, the administrator From the results of the tampering and interception by others during transmission and so on. The digital signature technology in the identification and authentication, data integrity, anti-denial, and so has other technical advantages can not be replaced; it can achieve the results of security encryption. Therefore, the authors propose a class of students based on digital signature performance management system.
The system to SQL Server 2000 and JAVA as a development platform, the use of B / S architecture and C / S architecture combination to ensure system availability and security. Performance management system to achieve the students, college management, class management, curriculum management, teacher information management, public private key pair generation, signature verification and other functions results. B / S architecture is the system easy to install, affordable and small browser features, however, produced under the framework of public and private key pair and the online transmission is very secure. Therefore, the combination of C / S architecture, the system provides the public and private key pair generation and signature verification plug-in plug, so that public and private key pair generation and signature performance on the client side encryption. Teachers in public and private keys generated on the client after the first CA's public key public key encryption for teachers, and then uploaded to the server, then decrypted on the server-side.
In addition, to address controversial issues in future student achievement, student performance on the client first with the education Division of the private key signature, and then use the CA's public key encryption, and finally uploaded to the server, the server-side decryption, get the original results. Performance while preserving the signature database, the original score and upload the data and time information to provide authentication capabilities to address the performance accountability when doubts arise. But with WEB SERVICE, AXIS2 can greatly ensure the security of the system.
Therefore, the system realizes the confidentiality, integrity, non-repudiation and other security needs have good practical value and application value.
Keywords: dispute arbitration, digital signature, authentication, repudiation of, WEB SERVICE,AXIS2









目 錄
摘 要 I
Abstract II
目 錄 IV
第一章 緒論 1
1.1課題的背景和意義 1
1.2數(shù)字簽名技術(shù)的國內(nèi)外研究現(xiàn)狀 1
1.3本文主要研究內(nèi)容 3
1.4本文結(jié)構(gòu)與主要特點 4
第二章 公鑰密碼及數(shù)字簽名算法 6
2.1公鑰密..