Design and Implementation of a Secure WWW Server and Design of a PKI System
Abstract
Web servers can flexibly deliver rich content in many formats and streamline the
management of information. Moreover, the client side of a Web service runs on any
operating system platform, breaking platform lock-in. Web services are therefore
increasingly applied across many fields, notably electronic commerce transaction
platforms and enterprise intranet information publishing and management systems.
These applications handle sensitive information, so strong guarantees of the security
and reliability of information exchange are key to developing electronic commerce and
enterprise information platforms.
The secure WWW server is the core functional component of secure electronic commerce
and of a trustworthy enterprise information platform. It is essential to keeping the
Web service running normally, ensuring that the enterprise security policy is enforced
correctly, and maintaining the reliability of business and information. This thesis
sets out the design principles and concrete implementation of a secure WWW server based
on an enhanced BLP model, and proposes a plan for building a PKI (public key
infrastructure). It is organized as follows:
It first introduces the Bell-LaPadula model (BLP model); based on an analysis of the
BLP model it proposes improvements, which form the theoretical basis of the design, the
enhanced BLP model. It then sets out the design principles of the secure WWW server by
functional category, in five modules: identity authentication, access control, data
encryption, certificates and keys, and management. Finally it proposes a feasible scheme
for implementing a PKI, again divided by function into four server-side modules: the CA
(certification authority), the certificate repository, the key backup and recovery
system, and the certificate revocation system. It closes with the application prospects
of the system.
Web servers can flexibly provide a wide range of data formats and a wealth of
information, and they help maintain and optimize the management of information.
Furthermore, the client side of a Web service can run on any operating system platform.
Web servers have therefore become increasingly important and are used in all sorts of
areas, the most prominent being electronic commerce transaction platforms and intranet
information distribution and management systems. These applications handle information
that demands great caution: there must be strong guarantees that information flows in a
secure and reliable way, which is crucial to the success of electronic commerce. The
Secure WWW Server is the kernel of electronic commerce and of an enterprise's
information platform. It guarantees that the Web service runs normally, maintains the
correct enforcement of the enterprise's security policy, and helps establish trust in
commerce and information. This thesis discusses the design principles and detailed
implementation of a Secure WWW Server based on the enhanced BLP model, and also proposes
a way to establish a PKI. It is organized as follows:
First, I give a brief introduction to the Bell-LaPadula model (BLP model), a detailed
analysis of it, and the improvements to it that form the theoretical basis of my design,
the enhanced BLP model.
Then, by functional category, I present the Secure WWW Server's design rules in detail,
in five blocks: identity authentication, access control, data encryption, certificates
and encryption/decryption keys, and the management module.
Last, I provide a solution for implementing a PKI. It contains the CA center, the
certificate database, the key backup and restore system, and certificate revocation.
Finally I show some aspects of its future application.
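The abstract grounds the server's access control in the Bell-LaPadula model. The block below is an added example, not code from the thesis or from this page: it implements the two standard BLP rules, the simple security property (no read up) and the *-property (no write down), over a classification/category lattice and applies them to HTTP requests. The mapping of HTTP methods to BLP read/write operations, the level names and the sample resources are assumptions made for illustration; the thesis's "enhanced BLP" changes are not described on this page and are not reproduced here.

```python
"""Standard Bell-LaPadula (BLP) checks applied to HTTP requests.

Added example; not the thesis's code. Implements the classic BLP rules only:
  - simple security property: a subject may read an object only if the
    subject's level dominates the object's level (no read up);
  - *-property: a subject may write an object only if the object's level
    dominates the subject's level (no write down).
"""
from dataclasses import dataclass
from typing import FrozenSet, Tuple

# Assumed linear classification order for this example.
CLASSIFICATIONS = {"PUBLIC": 0, "INTERNAL": 1, "CONFIDENTIAL": 2, "SECRET": 3}


@dataclass(frozen=True)
class Level:
    """A BLP security level: a classification plus a set of categories."""
    classification: str
    categories: FrozenSet[str] = frozenset()

    def dominates(self, other: "Level") -> bool:
        # self >= other in the lattice: classification is at least as high
        # and the category set is a superset. Levels with disjoint category
        # sets are incomparable, so neither dominates the other.
        return (CLASSIFICATIONS[self.classification] >= CLASSIFICATIONS[other.classification]
                and other.categories <= self.categories)


# Assumed mapping of HTTP methods onto BLP observe (read) and alter (write).
# Anything not listed (e.g. DELETE, OPTIONS) is denied by default.
READ_METHODS = {"GET", "HEAD"}
WRITE_METHODS = {"PUT", "POST"}


def check_request(subject: Level, method: str, obj: Level) -> Tuple[bool, str]:
    """Return (allowed, reason) for `subject` performing `method` on `obj`."""
    method = method.upper()
    if method in READ_METHODS:
        if subject.dominates(obj):
            return True, "ss-property: subject level dominates object level"
        return False, "ss-property violated: read up or incomparable levels"
    if method in WRITE_METHODS:
        if obj.dominates(subject):
            return True, "*-property: object level dominates subject level"
        return False, "*-property violated: write down or incomparable levels"
    return False, f"method {method} is not mapped to a BLP operation; denied"


if __name__ == "__main__":
    # Constructed sample data (not from the thesis): one CONFIDENTIAL/{FIN}
    # user issuing GET and PUT requests against resources at several levels.
    alice = Level("CONFIDENTIAL", frozenset({"FIN"}))
    resources = {
        "/public/index.html": Level("PUBLIC"),
        "/fin/ledger.xml": Level("CONFIDENTIAL", frozenset({"FIN"})),
        "/board/minutes.html": Level("SECRET", frozenset({"FIN"})),
        "/hr/salaries.csv": Level("CONFIDENTIAL", frozenset({"HR"})),
    }
    for path, level in resources.items():
        for method in ("GET", "PUT"):
            allowed, reason = check_request(alice, method, level)
            verdict = "ALLOW" if allowed else "DENY"
            print(f"{method:4} {path:22} -> {verdict:5} ({reason})")
```

Running the block shows the practical friction of strict BLP in a Web setting: the CONFIDENTIAL user may read the PUBLIC page but may not PUT to it (write down), and may PUT to the SECRET board minutes without being able to read them back. That friction is what variants of BLP typically address, but how the thesis's enhanced model does so is not stated on this page.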