PKI技术下网络安全平台构建  被引量：2

作　　者：王晨飞 赵文华 徐青 宋鹏飞 邵楠 Wang Chenfei;Zhao Wenhua;Xu Qing;Song Pengfei;Shao Nan(Customer Service Center Information Operation and Maintenance Center,State Grid Corporation of China,Tianjin 300309,China;Tianjin Puxun Power Information Technology Co.,Ltd.,Tianjin 300303,China)

机构地区：[1]国家电网有限公司客户服务中心信息运维中心,天津300309 [2]天津市普迅电力信息技术有限公司,天津300303

出　　处：《机电工程技术》2022年第8期164-166,230,共4页Mechanical & Electrical Engineering Technology

摘　　要：为了提高网络通讯的安全性,提出一种基于PKI技术的平台。该平台利用USB加密机制,通过公钥、私钥相结合的方式,实现用户的身份验证,保证数据信息的安全传输,提高客户端访问权限的管理水平。针对该平台现有的TCP/IP通讯协议,对客户端与服务器之间的数据流程进行重新设计。客户端通过与证书服务器之间的传输,得到用户访问的私钥证书,并对访问控制服务器进行访问,最终完成客户端的访问、服务器中信息的调用和证书验证,以此提高网络平台的安全优化。不同于其他安全机制,提出的客户端的USB密码机,通过与客户端所在的计算机之间建立隔离,降低其被攻击的几率。网络攻击实验显示,PKI技术能提高网络平台的安全性,该平台的构建具有较高的实用价值,适用于目前国内网络平台安全性低,网络架构不完善的情况。In order to improve the security of network communication, a platform based on PKI technology was proposed. The platform used USB encryption mechanism to realize user authentication through the combination of public key and private key, ensured the safe transmission of data information, and improved the management level of client access rights. According to the existing TCP/IP communication protocol of the platform, the data flow between the client and the server was redesigned. Through the transmission between the client and the certificate server,the private key certificate accessed by the user was obtained, and the access control server was accessed. Finally, the access of the client, the call of information in the server and the certificate verification were completed, so as to improve the security optimization of the network platform. Different from other security mechanisms, the USB password machine of the client proposed reduced the probability of being attacked by establishing isolation with the computer where the client was located. Network attack experiments show that PKI technology can improve the security of the network platform. The construction of the platform has high practical value. It is suitable for the situation that the security of the domestic network platform is low and the network architecture is imperfect.

关 键 词：PKI技术 网络安全 平台构建 加密 

分 类 号：TP393[自动化与计算机技术—计算机应用技术]