信息安全—毕业论文

1目录1绪论......................................................................41.1信息安全概述........................................................41.2信息安全的主要内容..................................................51.2.1机密性（Confidentiality）.....................................51.2.2完整性（Integrity）...........................................51.2.3抗抵赖性（Non-repudiation）...................................51.2.4鉴别（Authentication）........................................51.3本文主要内容........................................................51.3.1SSL（SecureSocketLayer，安全套接字层）协议..................51.3.2HTTPS（SecureHypertextTransferProtocol，安全的超文本传输协议）协议...............................................................61.3.3OpenSSL软件包................................................62SSL协议原理...............................................................62.1SSL协议原理概述.....................................................62.2SSL协议提供的服务...................................................72.3SSL协议的工作流程...................................................72.3.1握手过程.....................................................72.3.2数据加密.....................................................92.3.3标准的SSL实施...............................................92.4小结...............................................................103安全连接方式HTTPS........................................................103.1HTTPS概述.........................................................103.2组建HTTPS服务器的方法.............................................113.2.1软件下载....................................................123.2.2安装平台：RedLinux...........................................123.2.3具体安装步骤................................................123.3HTTPS与HTTP的比较.................................................143.4小结...............................................................154OpenSSL软件包实现的密码学................................................154.1密码学概述.........................................................154.2OpenSSL概述........................................................154.3对称加密算法.......................................................164.3.1指令格式....................................................164.3.2功能概述....................................................164.3.3转换思路....................................................174.4非对称加密算法.....................................................184.4.1指令格式.....................................................184.4.2功能概述.....................................................1824.4.3转换思路....................................................194.5信息摘要算法........................................................194.5.1指令格式....................................................194.5.2功能概述.....................................................204.5.3转换思路....................................................204.6证书和证书管理......................................................214.6.1指令格式....................................................214.6.2功能概述....................................................214.6.3转换思路.....................................................234.7模拟SSL...........................................................244.7.1指令格式....................................................244.7.2功能概述....................................................254.7.3转换思路....................................................254.8标准转换...........................................................274.8.1指令格式....................................................274.8.2功能概述....................................................274.8.3转换思路....................................................275结论.....................................................................28致谢.......................................................................29附录.......................................................................29参考文献....................................................................293SSL/TLS协议的应用摘要在因特网上通常的连接方式中，通信是以明文的形式传播的，这就有可能被非法窃听到，尤其是用于认证的口令信息。为了避免这个安全漏洞，就必须对传输过程进行加密。为此，我们使用公钥加密数据，并对站点颁发证书以防假冒。对HTTP（HypertextTransferProtocol，超文本传输协议）传输进行加密的协议为HTTPS（SecureHypertextTransferProtocol，安全的超文本传输协议），它是通过SSL（SecureSocketLayer，安全套接字层）进行HTTP传输的协议，不但通过公用密钥的算法进行加密保证传输的安全性，而且还可以通过获得认证证书CA（CertificationAuthority，证书管理机构），保证客户连接的服务器没有被假冒。关键字明文；公用密钥；证书；安全性ABSTRACTIntheusualconnectionoftheInternet,communicationistransmitedintheformoftext,whichmaybeillegalwiretappingto,inparticular,thepasswordforauthenticationinformation.Toavoidthisflaw,itisnecessarythattransmissionisencrypted.Tothisend,weusethepublickeytoencryptdata,andissuecertificatetositetopreventcounterfeiting.TheprotocolencryptingtheHTTP(HypertextTransferProtocol)fortransmissionisHTTPS(SecureHypertextTransferProtocol,thesafetyHypertextTransferProtocol),itisaprotocolwhichuseSSL(SecureSocketLayer,SecureSocketsLayer)forHTTPtransmission,notonlythroughpublickeyencryptionalgorithmtoensurethesafetyoftransmission,butalsothroughtheacquisitionofthecertificationCA(CertificationAuthority,certificatemanagementagencies)toensurethattheservercustomersconnectedtoisnotfake.Keywordt