基于中间件的电子签章系统设计与开发

I
基于中间件的电子签章系统设计与开发
Abstract
In the long history of our country, the seal and the signatures have been the symbol of the power. Attaching the seal or the signatures to some physical information indicates that the owner authorizes this information. Today, the electronic information technology and the network technology is developing rapidly and the physical signature and hand-written signatures on paper documents are still used. With the development of electronic commerce, electronic government and enterprise informatization, the advantage of the high efficiency and the resource-saving of OA(Office Automation) is highlighting day after day and the application of OA is also more and more widespread. How to guarantee the integrity, confidentiality of the electronic official documents, identifiability and traceability of signers has become a problem to be solved urgently. As above mentioned, the electronic seal technology is brought forward, and it has become a research focus in the information security technology and the computer application domain. Incorporating the electronic seal and the middleware technology, this paper designs and implements an electronic seal system. Taking the Public Key Infrastructure (PKI) as the security platform and the digital signature technology as the security theory base, this system meets the requirements of information security of OA. Using COM module technology, the system is made up of several modules. Each module encloses respective function and is used by other modules through the standard interface. In addition, because of the reusable and transplantable property of the COM module, when embedded into other systems, it can achieve the seamless integration and avoid remarkable modification to them. During the design and development of the software, many technical problems have been solved, including digital certificate signing and issuing, embedding, displaying and the responding to the event of a seal control in a Word or WEB pages, picture transparent display and the pick-up of the signature. The electronic seal system presented in this paper is based on the PKI and the
III
南京航空航天大学硕士学位论文
图 表 清 单
图 2.1 对称加密算法示意图 ············································································· 6 图 2.2 非对称加密算法示意图 ········································································· 7 图 2.3 数字信封原理示意图 ··········································································· 19 图 2.4 PKI 体系结构图 ···················································································· 19 图 2.5 时间戳原理示意图 ··············································································· 22 图 2.6 数字签名流程示意图 ··········································································· 23 图 3.1 中间件在系统中的位置 ······································································· 26 图 3.2 COM 客户与组件交互过程示意图 ······················································ 28 图 3.3 DCOM 工作原理示意图 ······································································· 29 图 4.1 电子签章系统总体框架设计示意图 ··················································· 35 图 4.2 业务逻辑层功能设计示意图 ······························································· 36 图 4.3 表示层功能设计示意图 ······································································· 38 图 4.4 电子签章管理中心主要接口设计示意图············································ 40 图 4.5 申请签章数字证书接口调用示意图 ··················································· 41 图 4.6 作废签章数字证书接口调用示意图 ··················································· 42 图 4.7 查看和修改签章信息接口调用示意图················································ 43 图 4.8 电子签章服务中心主要接口设计示意图············································ 44 图 4.9 Addin 组件和 SignatureControl 控件主要接口设计示意图 ················· 46 图 4.10 加盖签章接口调用示意图 ································································· 49 图 4.11 数字签名实现示意图 ········································································· 52 图 4.12 文档验证实现示意图 ········································································· 52 图 4.13 电子签章数据库 E-R 图 ····································································· 56 图 5.1 Word 加载电子签章工具条 ·································································· 62 图 6.1 申请签章证书 ······················································································· 69 图 6.2 输入用户名 ··························································································· 69 图 6.3 选择签章······························································································· 70 图 6.4 加盖签章效果 ······················································································· 70 图 6.5 数字签名······························································································· 71
南京航空航天大学硕士学位论文
摘
要
在中国历史发展的几千年中，印章和签名都是一个人或一个团体身份和权 威的象征。将印章或签名附加在某个物理信息上，表明了它们的所有者对这个 信息原件内容的认同。在电子信息技术和网络技术飞速发展的今天，随着电子 商务、电子政务、企业信息化建设的发展，自动化办公应用正变得越来越广泛， 其高效、节约资源的优势也日益凸显。而在自动化办公中，如何保障电子文档 的完整性、机密性、文档发送者身份的可认证性以及签署人的抗抵赖性成为亟 需解决的问题。电子签章技术正是在此背景下提出的，并成为当前信息安全技 术领域和计算机应用领域研究的热点和难点。 本文将电子签章与中间件技术融合起来，设计并实现了一套功能完善、运 行稳定的电子签章系统。该系统以公钥基础设施 PKI(Public Key Infrastructure) 为安全平台，以数字签名为安全理论基础，解决了自动化办公中保证电子文档 完整性、机密性、可认证性和抗抵赖性等信息安全问题。利用中间件 COM(Component Object Model)组件技术，系统被设计为若干个功能模块，每个 模块都封装了各自的功能实现并以向外界提供标准接口的形式供其他模块调 用。由于 COM 组件的良好的可重用性和可移植性，将这些组件嵌入到其他系统 中时，可实现与原有系统的无缝结合，避免了对该系统和原有系统大的升级改 造。在软件设计和开发过程中，解决了数字证书的签发、签章控件在 Word 和 WEB 网页中的嵌入显示和事件响应、图片的透明显示、签名内容的提取等诸多 技术难题。 本文设计的电子签章系统基于 PKI 安全体系和数字签名加密标准，具有较 强的安全性、实用性、易用性和可扩展性，已实际应用于江西洪都航空工业集 团的企业信息化管理系统中。 关键词： 电子签章,中间件,COM,数字签名,PKI
II
南京航空航天大学硕士学位论文
wenku.baidu.com
encoded standard of digital signature, with strong safety, practicality, accessibility, expansibility. The system has been applied to the information management system of HONGDU Aviation Industry Group LTD. Key Words: electronic seal, middleware, COM, digital signature, PKI