| Summary: | 碩士 === 國立交通大學 === 資訊工程系 === 89 === In this thesis, I purpose a multipurpose relay model which users will not concern about encryption and decryption of application functionality, but has communication environment protected by SSL/TLS protocol. This model not only provides users with authentication, access control, confidentiality and data integrity, but also services trusted hosts and relay its data to the destination hosts securely by route setup.
In system security, I use X.509 mechanism to authenticate SSL Relays and users in the models of point-to-point, point-to-end and end-to-end. In assigning attribution of management and users I take access control mechanism in distinguishing different degrees and privileges. All the transferring data between Relays is protected by enhanced SSL/TLS protocol, which was strengthened according to the security survey of Eric Murray.
In system management, SSL Relay system is designed by multilevel operation with the different roles to perform function. There are Initiators, Managers, and Operators. Different roles have different management privileges and responsibilities in system’s confidentiality and route management. Moreover, I use hardware accelerator in preventing malicious hackers from divulgating private keys.
|
|---|
