Nowadays PKI(Public Key Infrastructure) is known as very general security infrastructure for establishment of secure internet environment. Many countries already established their Digital Signature Act and have designated several licensed CAs under th...
다국어 입력
あ
ぁ
か
が
さ
ざ
た
だ
な
は
ば
ぱ
ま
や
ゃ
ら
わ
ゎ
ん
い
ぃ
き
ぎ
し
じ
ち
ぢ
に
ひ
び
ぴ
み
り
う
ぅ
く
ぐ
す
ず
つ
づ
っ
ぬ
ふ
ぶ
ぷ
む
ゆ
ゅ
る
え
ぇ
け
げ
せ
ぜ
て
で
ね
へ
べ
ぺ
め
れ
お
ぉ
こ
ご
そ
ぞ
と
ど
の
ほ
ぼ
ぽ
も
よ
ょ
ろ
を
ア
ァ
カ
サ
ザ
タ
ダ
ナ
ハ
バ
パ
マ
ヤ
ャ
ラ
ワ
ヮ
ン
イ
ィ
キ
ギ
シ
ジ
チ
ヂ
ニ
ヒ
ビ
ピ
ミ
リ
ウ
ゥ
ク
グ
ス
ズ
ツ
ヅ
ッ
ヌ
フ
ブ
プ
ム
ユ
ュ
ル
エ
ェ
ケ
ゲ
セ
ゼ
テ
デ
ヘ
ベ
ペ
メ
レ
オ
ォ
コ
ゴ
ソ
ゾ
ト
ド
ノ
ホ
ボ
ポ
モ
ヨ
ョ
ロ
ヲ
―
http://chineseinput.net/에서 pinyin(병음)방식으로 중국어를 변환할 수 있습니다.
변환된 중국어를 복사하여 사용하시면 됩니다.
예시)
- 中文 을 입력하시려면 zhongwen을 입력하시고 space를누르시면됩니다.
- 北京 을 입력하시려면 beijing을 입력하시고 space를 누르시면 됩니다.
А
Б
В
Г
Д
Е
Ё
Ж
З
И
Й
К
Л
М
Н
О
П
Р
С
Т
У
Ф
Х
Ц
Ч
Ш
Щ
Ъ
Ы
Ь
Э
Ю
Я
а
б
в
г
д
е
ё
ж
з
и
й
к
л
м
н
о
п
р
с
т
у
ф
х
ц
ч
ш
щ
ъ
ы
ь
э
ю
я
′
″
℃
Å
¢
£
¥
¤
℉
‰
$
%
F
₩
㎕
㎖
㎗
ℓ
㎘
㏄
㎣
㎤
㎥
㎦
㎙
㎚
㎛
㎜
㎝
㎞
㎟
㎠
㎡
㎢
㏊
㎍
㎎
㎏
㏏
㎈
㎉
㏈
㎧
㎨
㎰
㎱
㎲
㎳
㎴
㎵
㎶
㎷
㎸
㎹
㎀
㎁
㎂
㎃
㎄
㎺
㎻
㎽
㎾
㎿
㎐
㎑
㎒
㎓
㎔
Ω
㏀
㏁
㎊
㎋
㎌
㏖
㏅
㎭
㎮
㎯
㏛
㎩
㎪
㎫
㎬
㏝
㏐
㏓
㏃
㏉
㏜
㏆
RISS 인기검색어
效率的인 認證書 狀態 및 經路 檢證 시스템에 관한 硏究 = (A) Study on system with a function of efficient certificate status and path validation
한글로보기https://www.riss.kr/link?id=T8606184
- 저자
-
발행사항
서울 : 成均館大學校 大學院, 2002
-
학위논문사항
學位論文(博士) -- 成均館大學校 大學院 , 電氣電子 및 컴퓨터工學科 電氣電子 및 컴퓨터工學專攻 , 2002
-
발행연도
2002
-
작성언어
한국어
- 주제어
-
DDC
005.8 판사항(20)
-
발행국(도시)
서울
-
형태사항
vi, 86 p. : 삽도 ; 26 cm.
-
일반주기명
지도교수: 원동호
參考文獻: p. 79-84 -
소장기관
- 강원대학교 도서관
- 국립중앙도서관
- 대구대학교 학술정보원
- 상명대학교 천안학술정보관
- 성균관대학교 중앙학술정보관
- 순천향대학교 도서관
- 전남대학교 중앙도서관
- 강원대학교 도서관
-
0
상세조회 -
0
다운로드
부가정보
다국어 초록 (Multilingual Abstract)
Nowadays PKI(Public Key Infrastructure) is known as very general security infrastructure for establishment of secure internet environment. Many countries already established their Digital Signature Act and have designated several licensed CAs under the law. Through such a PKI environment, many users already deployed PKI-enabled applications or are considering to do them. Nevertheless, in terms of general network environment's prospective, there is a critical problem should be solved relating for certificate status check and certification path validation.
Although lots of technologies relating to certificate verification issues have been developed and standardized, definitely exact and perfect solution did not develop yet. We propose an efficient certificate status check and certification path validation method for specially real-time based client/server environment with huge scale in Internet environment. The proposed system provides an outstanding efficiency and cost-effectiveness in viewpoint of relying party such as large-scaled server of a internet banking, and so on.
The concept of proposed scheme is that before a sender will send a digital signature to a recipient who is big server with lots of client, he/she contacts the VA(Validation Authority) server and gets some initial information from it. And then he/she receives a VC(Validation Certificate) with a result of checking certificate status and path validation. After received VC, he/she sends a digital signature made by him/her and VC to the target server. At that time, the target server, that is relying party, is no need to check the authenticity of the used certificate based on CRL, and so on. Instead of it, the server only checks the authenticity of the VC only using one-time hash operation.
By using the proposed scheme, the users can establish an efficient PKI enabled application and system for large-scaled real-time client/server system based on Internet. Through such the implementation, the relying party gets rid of a critical risk that could be happened in real-time client/server environment, and had bad influence on stable operation of the system.
Although lots of technologies relating to certificate verification issues have been developed and standardized, definitely exact and perfect solution did not develop yet. We propose an efficient certificate status check and certification path validation method for specially real-time based client/server environment with huge scale in Internet environment. The proposed system provides an outstanding efficiency and cost-effectiveness in viewpoint of relying party such as large-scaled server of a internet banking, and so on.
The concept of proposed scheme is that before a sender will send a digital signature to a recipient who is big server with lots of client, he/she contacts the VA(Validation Authority) server and gets some initial information from it. And then he/she receives a VC(Validation Certificate) with a result of checking certificate status and path validation. After received VC, he/she sends a digital signature made by him/her and VC to the target server. At that time, the target server, that is relying party, is no need to check the authenticity of the used certificate based on CRL, and so on. Instead of it, the server only checks the authenticity of the VC only using one-time hash operation.
By using the proposed scheme, the users can establish an efficient PKI enabled application and system for large-scaled real-time client/server system based on Internet. Through such the implementation, the relying party gets rid of a critical risk that could be happened in real-time client/server environment, and had bad influence on stable operation of the system.
Nowadays PKI(Public Key Infrastructure) is known as very general security infrastructure for establishment of secure internet environment. Many countries already established their Digital Signature Act and have designated several licensed CAs under the law. Through such a PKI environment, many users already deployed PKI-enabled applications or are considering to do them. Nevertheless, in terms of general network environment's prospective, there is a critical problem should be solved relating for certificate status check and certification path validation.
Although lots of technologies relating to certificate verification issues have been developed and standardized, definitely exact and perfect solution did not develop yet. We propose an efficient certificate status check and certification path validation method for specially real-time based client/server environment with huge scale in Internet environment. The proposed system provides an outstanding efficiency and cost-effectiveness in viewpoint of relying party such as large-scaled server of a internet banking, and so on.
The concept of proposed scheme is that before a sender will send a digital signature to a recipient who is big server with lots of client, he/she contacts the VA(Validation Authority) server and gets some initial information from it. And then he/she receives a VC(Validation Certificate) with a result of checking certificate status and path validation. After received VC, he/she sends a digital signature made by him/her and VC to the target server. At that time, the target server, that is relying party, is no need to check the authenticity of the used certificate based on CRL, and so on. Instead of it, the server only checks the authenticity of the VC only using one-time hash operation.
By using the proposed scheme, the users can establish an efficient PKI enabled application and system for large-scaled real-time client/server system based on Internet. Through such the implementation, the relying party gets rid of a critical risk that could be happened in real-time client/server environment, and had bad influence on stable operation of the system.
목차 (Table of Contents)
- 목차
- ◇ 표목차
- ◇ 그림목차
- ◇ 기호설명
- 1. 서론 = 1
- 목차
- ◇ 표목차
- ◇ 그림목차
- ◇ 기호설명
- 1. 서론 = 1
- 2. PKI 관련 연구 현황 분석 = 4
- 2.1 PKI의 기본적 이해 = 4
- 2.2 PKI 기술 및 표준 개요 = 8
- 2.2.1 배경 = 8
- 2.2.2 PKI 기술 영역 분류 및 표준화 현황 = 9
- 2.2.3 인증서 및 CRL 프로파일 분석 = 15
- 2.2.4 인증서 경로 검증 방법론 = 35
- 3. 인증서 상태 및 경로 검증 관련 연구 = 37
- 3.1 인증서 상태 검증 관련 기술 분석 = 37
- 3.1.1 CRL 기반 방법론 = 39
- 3.1.2 온라인 상태 확인 기반 방법론 = 41
- 3.1.3 비표준 신개념 기반 방법론 = 43
- 3.1.4 기존 메커니즘들의 문제점 분석 = 44
- 3.2 인증서 경로 검증 관련 기술 분석 = 52
- 3.2.1 SCVP = 52
- 3.2.2 DVCSP = 52
- 4. 제안하는 효율적인 인증서 상태 및 경로 검증 시스템 = 53
- 4.1 사용환경 모델 및 평가기준 정의 = 53
- 4.1.1 사용 환경 모델 정의 = 54
- 4.1.2 평가기준 정의 = 55
- 4.2 제안 시스템 = 59
- 4.2.1 구성요소 = 59
- 4.2.2 약어 및 기호 = 60
- 4.2.3 제안 시스템 = 62
- 4.3 제안 시스템 분석 = 71
- 4.3.1 목표 요구조건 만족 여부 분석 = 71
- 4.3.2 기존 방식 비교 분석 = 72
- 5. 결론 = 77
- 참고문헌 = 79
- Abstract = 85
분석정보
이 자료와 함께 이용한 RISS 자료
나만을 위한 추천자료
