《(4.5.1)--3.5TransactionSecurity(2).pdf》由会员分享,可在线阅读,更多相关《(4.5.1)--3.5TransactionSecurity(2).pdf(12页珍藏版)》请在taowenge.com淘文阁网|工程机械CAD图纸|机械工程制图|CAD装配图下载|SolidWorks_CaTia_CAD_UG_PROE_设计图分享下载上搜索。
1、Digital time-stamp(DTS)is an electronic commerce security project provided by DTS service organization,which is used to prove the time of sending information.The DTS mainly includes three parts:l Summary of documents requiring timestampl The date and time DTS received the document.l Digital Signatur
2、e of DTSThe digital time-stamp guarantees that counterparty cannot deny the execution time of its action.OriginalmessageDigestTimestampDigestTimestampPrivate key of DTSDTS signatureDigestTime The generation process of digital time-stampDigital certificate(also called public key certificate or digita
3、l certificate)is an electronic document that is signed by Certificate Authority(CA)and contains user identity information and public key information.Function:Digital certificates can be used to solve the problem of digital identity.Version number Serial number Signature algorithm identifier Certific
4、ate authority Issuance/expiration date Thematic information Digital signature of the certification authority Subject public keyComponents of digital certificateDigital certificates have the following functions:l Confidentialityl Authenticationl Integrityl Non-repudiationA certificate authority(CA)is
5、 a trusted entity that manages and issues security certificates and public keys that are used for secure communication in a public network.A certificate authority accomplishes three major tasks:l Issuing certificatesl Confirming the identity of the certificate ownerl Providing proof that the certifi
6、cate is validA public key infrastructure(PKI)is a set of roles,policies,hardware,software and procedures needed to create,manage,distribute,use,store and revoke digital certificatesand manage public-key encryption.The purpose of a PKI is to facilitate the secure electronic transfer of information for a range of network activities such as e-commerce,internet banking and confidential email.Components of PKICertificate authorityDigital certificate repositoryKey backup and recovery systemCertificate revocation systemAPI