Add locks to OA security with smart card and file access control technology

The efficiency of the OA system has received more and more attention, and the dependence of enterprises and governments on it has gradually increased. However, due to the openness of the Internet and the lack of sufficient attention of users to the security of the intranet, the security problems faced by OA systems are also becoming more and more serious.

At present, most OA systems use username/password for identity authentication. When passwords are transmitted over the Internet, they are easily intercepted by some hacker software through the network. Due to the limited strength of the username and password, it is easy to be cracked. In addition, during the transmission process, especially some confidential information, once it is eavesdropped, it will have a great impact on the whole organization; the stored files in the OA system can make the intruder easy because of the lack of sufficient security measures. Get confidential documents. For the security problem of OA system, OA vendors with high security generally adopt USBKEY authentication to implement identity authentication, and adopt SSL protocol to achieve security during transmission. However, this method reduces the efficiency of OA. At the same time, because the message is in plain text, it is impossible to prevent attacks from entering the backend database. For the security of files in the OA system, especially under the B/S architecture, it has not received enough attention.

1. Security OA model

A security OA model is designed for the above security issues. The model adopts PKI technology such as digital encryption, digital signature, smart card, etc., and is designed with access control technology. Moreover, a trusted security key server (SKS) is introduced. The main role of this server is to be responsible for user identity authentication and file key generation and distribution. It is necessary to pay attention to the identity authentication and file key here. All are the same symmetric key.

1.1 Introduction to basic technology

Digital encryption technology is mainly divided into symmetric encryption and asymmetric encryption. Symmetric encryption uses a private key (also known as a symmetric key) to encrypt information. The same key is used to encrypt and decrypt information. The typical representation is the DES algorithm. The advantage is that the encryption speed is fast, but the key distribution is complicated. Different from symmetric encryption, the basic feature of public key cryptography is that the encryption and decryption keys are different. It is based on the public key cryptosystem. The typical algorithm is RSA encryption algorithm. The advantage is high security. In practical applications, the advantages of both can be utilized, a symmetric encryption system is used to encrypt files, and a public key encryption system is used to encrypt the "encrypted file" key (session key). This is a hybrid encryption system, which is better solved. The problem of computing speed and key distribution management.

Digital signature and verification technology: Digital signature solves the problem of validity in file transmission, prevention of flaw modification and non-repudiation of transmission and reception. The so-called digital signature is that the sender of the message uses the private key to perform the RSA algorithm encryption operation on the digital digest extracted from the transmitted message. When the receiver receives the message, the sender can use the public key of the sender to digitally sign the message. authenticating.

Smart card technology: The smart card integrates a microprocessor, read-only memory, random access memory, and electrically erasable memory. The microprocessor is the core of the whole chip, and completes the computing task; the read-only memory is used to store the preset program code, generally the micro-operating system; the random access memory is used as the temporary storage data during the operation, and stores the parameters such as the command parameters and returns the result. Data such as temporary work keys; electrically erasable memory completes the storage of user data, such as user private keys. It has fast calculations, large storage capacity, high security, and is difficult to decipher and forge.

1.2 Safety OA model design

The security OA system model (shown in Figure 1) mainly consists of three parts: identity authentication module design module, information security transmission module, and file security access module. The user login module, combined with the MD5 packet transformation technology, implements the user identity authentication by using the server and client response modes; the information transmission module uses the digital certificate stored in the smart card and the generated internal random key, and adopts a hybrid encryption method to ensure information transmission. Process integrity and confidentiality; the file access control module ensures file security by taking advantage of file keys, packet encryption, and combined access control modules for file encryption.

1.2.1 Identity authentication module design

The module still adopts the "username/password" authentication method, but the difference from the traditional is that the module performs MD5 packet conversion processing on the password, and combines the server and the client response mode to select the identity authentication key generated by the SKS. As a session key, this not only ensures security but also overcomes the efficiency problem of implementing identity authentication using the SSL protocol. The implementation process is as follows:

(1) The user sends a login request to the server, and the server generates a random number Random and sends it to the client;

(2) Perform MD5 operation on the password to obtain the primary ciphertext FEM=MD5(password);

(3) Grouping the primary ciphertext, and then performing MD5 operations on each packet, and assuming that there are n packets, the packet ciphertext G1, G2, is obtained. . . , Gn;

(4) The group ciphertext G1, G2,. . . , Gm,. . . , Gn, combined into a new string L, and MD5 operation on the string again, to get a final packet ciphertext GEM, when the user registers, the group ciphertext GEM is stored in the database;

(5) The client obtains random, encrypts it with the identity authentication key stored in the smart card, and finally performs an MD5 operation to obtain the final ciphertext LEM and sends it to the server.

When the user implements the login, the client obtains the final ciphertext LEM through the above operation; and the server extracts the ciphertext GEM from the database, and then decrypts the random to obtain the ciphertext LEM", and the two are compared, if LEM"=LEM, Then pass the verification; otherwise, the verification fails and the server refuses.

1.2.2 Information Security Transmission Module Design

This module uses a digital certificate-based hybrid encryption mode and digital signature technology to ensure the integrity, confidentiality and non-repudiation of information transmission. At the same time, in the encryption process, the generation of symmetric keys, information encryption and decryption, and the implementation of digital signatures are all completed inside the smart card.

Information encryption is implemented in the form of digital envelope. The DES and RSA algorithms are used. Firstly, the DES algorithm is used to encrypt the information by using the symmetric key generated inside the smart card, and then the encrypted symmetric key is encrypted by the RSA algorithm to form a digital envelope. SHA_1 and the digital certificate private key use the RSA algorithm to digitally sign the information, and the decryption and verification of the digital envelope is completed by the inverse of the encryption and signature. The specific process is as follows:

Information encryption and digital signature implementation (as shown in Figure 2).

(1) for the plaintext to be sent, using the private key of the digital certificate stored in the smart card to complete the digital signature DS;

(2) The sender uses the symmetric key generated inside the smart card to complete the encryption operation inside the smart card to obtain the ciphertext E;

(3) the sender uses the public key of the recipient's digital certificate to encrypt the symmetric key SK to form a digital envelope DE;

(4) Send the ciphertext E and the digital envelope DE to the recipient. Information decryption and signature verification process (as shown in Figure 3): The receiver uses the decryption chip built into the smart card to complete the disassembly of the digital envelope to obtain the symmetric key SK.

The recipient verifies the digital signature using the recipient's digital certificate public key.

1.2.3 File Security Access Module Design

Since the files uploaded in the OA system need to be shared, the method of using the digital certificate hybrid method cannot satisfy the needs of file distribution. Therefore, the related operations are completed within the smart card by using the relevant symmetric key generated by the SKS, which increases the security. The public key system adds encryption efficiency.

For the file to be uploaded by the user, the file is encrypted in the smart card by using a random security key (RSK) generated inside the smart card, and the file encryption key (FEK) generated by the SKS is used for the RSK. Encryption, FEK is also a symmetric key, and only users who have read and write access to the user can obtain FEK. The Hash operation is used for the entire file, and is encrypted by a file sign key (FSK) and placed in the access control module. Only files that have write access to the file have permission to obtain FSK.

Each file also corresponds to an access control module for controlling the acquisition of FEK and FSK by authorized users. The access control module includes the encrypted RSK, the access control attribute (which users have what permissions), and the integrity indicator of the access control module, where the integrity identifier is a key message authentication code, and the integrity identifier is determined by The security sign key (SSK) generated by SKS is maintained to prevent tampering by the illegal user from the access control module.

When a user creates a file, the above-mentioned encryption operation is first performed on the file, and the access control module is uploaded to the file server as part of the file. When the user accesses the file and simultaneously sends a read request to the server, SKS first checks the user's authority in the access control module, and then uses FEK to decrypt the RSK, FSK. After decrypting the file with RSK, do the same hash operation on the file and compare it with the previous hash value to judge the integrity of the file.

When the user modifies the file. The procedure is similar to accessing a file, except that the SSK is returned to the writer, and the hash value is recalculated, signed with FSK, and the access control module is replaced. In order to ensure security, FEK, FSK are initialized to the smart card when it is generated, and related operations are performed in the smart card.

2. Security analysis

(1) After using MD5 packet transform processing, the difficulty of cracking can be increased. The traditional MD5 cracking method is divided into two types, one is online cracking of the website, and the other is brute force cracking. The former, through the query database database MD5 value to complete the crack; the latter, the software through the algorithm, generate a dictionary, and then use the MD5 function to operate the dictionary, and then the root ciphertext needs to be cracked to complete the crack. After the MD5 transform process, the generated ciphertext is very different from the traditional MD5 encrypted ciphertext. Therefore, it is difficult to crack the original password value by the md5 conventional cracking method, thereby ensuring data security.

For the attacker, under the ideal conditions, the attacker already knows that the ciphertext encrypted by the MD5 encryption has been ciphertext packet encryption. If the attacker wants to correctly crack out the plaintext, the packet must be correctly determined. The attacker must first perform an MD5 decryption operation on the entire ciphertext, and obtain the ciphertext encrypted by MD5 after being grouped. The packet is then determined and it may take 32! operations to determine the correct grouping. Even if it is determined that there are N packets, N times of MD5 decryption operations are required. That is to say, under relatively ideal conditions, the time to crack out the correct plaintext is (n+1) 32 times that of the traditional MD5 crack.

The server and the client use the random key for the session, and the replay attack can be avoided, and the security is greatly improved.

(2) Because the smart card has adopted a series of security mechanisms in the design process to protect its internal data from being leaked and illegally accessed. These security mechanisms include: access control of the internal data of the card and secure management of the transmission process. Access control includes access control access to data and functions and access control to internal static secret data. The former determines the access control rule by determining the current security status and the security attribute of the accessed file by the personal identification code (P attached) and the corresponding authentication process, and the latter determines the PIN, encryption, and decryption stored in the smart card. Security management is implemented for important data such as keys. In order to prevent the information (mainly data) from being maliciously intercepted, falsified, etc. during the transmission process between the smart card and the external, to improve the security and reliability of the dynamic transmission information, a secure transmission control mechanism is provided in the operating system of the smart card. By encrypting the transmitted information, the illegally intercepted information cannot be decrypted. Independently complete security-sensitive calculations such as authentication, digital signature and key exchange in the card, which can effectively prevent the leakage of keys, passwords and other private sensitive information from viruses or other malicious programs. Leakage of sensitive information.

(3) In the secure transmission module, the mixed mode of DES and RSA is used to encrypt the information to be transmitted to ensure the confidentiality of information transmission, and the realization of the digital signature can ensure the integrity of the information transmission process, and cannot be denied. Sex. The RSA algorithm used in the secure transmission module. The RSA algorithm is as follows:

Public key: n=pq (p, q are two mutually different large prime numbers, which need to be kept secret).

e and (p-1) (q-1) are prime.

Private key: d=e-1mod((p-1)(q-1)).

Encryption: c=me(mod n), where m is plaintext and c is ciphertext decryption: m=ed(mod n).

The main feature is that encryption and decryption use different keys, and each user holds a pair of keys: public key n and private key d. n can be fully disclosed and used as an encryption key; and d is kept secret and needs to be saved by the user himself and used as a decryption key. Encryption algorithms and decryption algorithms are also public. According to the knowledge and theory that has been mastered, the decomposition of 2048bit large integers has exceeded the computing power of 64bit computers, so in addition to the creator of the key pair, others want to derive d from n, which is completely impossible in calculation. . Therefore, this hybrid encryption approach employed in the secure transport module is sufficiently secure for the present and foreseeable future. At the same time, due to the encryption and decryption of the message, the implementation of the signature and the verification-sensitive operation are generated inside the smart card, so that the security is further improved.

(4) File security storage module, because the file is stored in the process of storing the encrypted file and the access control module, the encryption technology and the security access control technology are effectively combined to effectively prevent unauthorized users from accessing the file. . The RSK involved in the encryption process is generated inside the smart card. The encryption is also done inside the smart card to prevent the key from leaking. The FEK has a trusted security key server, so its security can be guaranteed. The file security storage module uses a hash algorithm for the file to detect the integrity of the file.

3, the conclusion

This paper proposes a secure OA model for security issues in OA systems. The model integrates PKI related technologies such as symmetric encryption, asymmetric encryption, digital signature, hardware encryption, etc., and introduces the SKS server, which is responsible for the distribution of related keys, and the keys are stored in the smart card. The encryption and decryption operations are all in the smart card. Completed in the middle, improving the security of the entire system. At the same time, the model fully considers efficiency issues, such as abandoning digital certificates to achieve identity authentication, file encryption and access control are based on a symmetric key system, thereby improving the efficiency of the entire system.

Our Green Wired Wood Floral Picks are the perfect starting point for creating floral arrangements! 

These Plant Stakes are a staple for every florist! They add strength, length and control to heavy flowers when you place them into the foam base of an arrangement. To use them, simply wrap the stakes to the stem of the flowers, bows, or other floral embellishments to give them sturdy stems for inserting into any centerpiece! 

Tip: Cover with Floral Tape to give stems a natural, seamless appearance. 

Made of wood.

Plant Stakes

Plant Stakes,Tomato Stakes Plant Stakes,Plant Support Stakes,Plant Stands

Tianjin Panyam Garden & Horticultural Products Co., Ltd. ,