Professional Documents
Culture Documents
Pki
)(public key infrastructure
)(ISMS
:
) ( dial-up ) (lan .
. ) (
.
:
- :
.
- :
.
. .
. cryptography
.
.
.
.
.
A P B .
)(ISMS
A E P .
) (Ke P C P Ke
. B C D ) (Kd
C P .
Kd Ke
. A B Ke
. Ke A B B
A ) ( . A B
.
.
.
.
A B B . B
. B
.
.
) (function hash ) (
.
.
.
.
)(ISMS
.
.
.
. .
n
n-1(n )/ .
n ) ( .
)(
.
) ( firewall
. ) ( Intrusion Detection Systems -
) ( Virtual Private Networks .
) Infrastructure Public Key (PKI
.
.
.
.
:
.
A B .
B . :
)(ISMS
( B
( ) (
( B A
HTTP FTP TELNET
.
) (
FTP TELNET
.
.
.
.
Shell Secure SHTTP SFTP PGP Kerberos
.
X.509 .
ISO/ITU PKI X.500 . X.500
) ( Directory service .
)(ISMS
X.509
. SSL
. .
) ( Certification ) ( Validation PKI .
) ( .
PKI
PKI
.
PKI :
( ) :(Confidentiality .
( ) :(integrity
.
( ) :(authentication
.
( ) :(non - repudiation
.
( ) :(control .
( ) :(availability .
)(ISMS
:
( .
( .
( .
( .
.
) (bottle - neck .
PKI
PKI
.
.
) (certificate authority :ca .
. cross - reference
.
. .
.
.
.
)(ISMS
.
. ) (CRL
.
) (
.
X.509 .
:
-1 : .
3 .
-2 :
.
-3 : .
-4 : .X.500
-5 : .
-6 : .X.500
-7 :
.
.
X.500 ) (URL .
X.500 .
X.509 X.500
)(ISMS
) (
.
.
.
. .
:
(1 :
.
.
.
(2 :
. .
.
) (Key Pecovery .
.
.
.
)(ISMS
:
(1 :
.
(2 : ) (
.
(3 : .
.
(4 ) :(Truly attack - resistant devices
) ( .
PKI .
.
.
.
) ( .
PKI
.
) (PIN .
:
(1
(2 ) (
(3 )(root
(4 root
)(ISMS
PKI .
) ( .
.
.
.
root .
.
. .
.
) (
. ) (