摘要
解决Web数据通信安全的常用方法是采用SSL(secure socket layer)协议建立安全的Http连接,通过身份认证和数据加密来保证敏感数据的传输安全.但是,目前支持SSL协议的应用程序,如IE浏览器,它们采用的算法是不可替换的,因此无法满足关键领域和重要部门提出的更高级别的安全需要.代理技术为实现这一目标提供了良好的支持;介绍了安全代理技术的概念;分析比较了不同种类安全代理的优缺点;着重阐述了实现Windows平台下传输层安全代理的原理;提出了一种利用安全代理实现Web数据通信安全的解决方案.该方案支持应用透明和各种安全服务机制,易于将安全管理集中化,为Web数据的通信安全提供了更加灵活的方法.
A common method to resolve the security of Web data communication is to establish the secure Http connection using SSL protocol, and ensure the security of sensitive data transmission by identity authentication and data encryption. However, the applications now supporting SSL protocol such as IE browser use unchangeable encryption algorithms, so they can't meet much higher level security requirements proposed by vital domains and important departments. Proxy technique provides well-supports for above-mentioned objective. The article introduces the concept of proxy technique and compares the advantages and disadvantages of different security proxies, furthermore, it discusses the theory of transport layer security proxy under Windows platform and comes up with a resolution using security proxy to ensure the security of Web data communication. The resolution supports application transparency and variety of security services mechanisms, and it is easy to centralize security management and provides more flexible ways for secure Web data communication.
出处
《装备指挥技术学院学报》
2003年第6期92-95,共4页
Journal of the Academy of Equipment Command & Technology
