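3.1 CRYPTOGRAPHIC TECHNIQUES

The role of cryptographic techniques in protecting information:

1. They are used to conceal secret information held in the system. As we know, physical communication channels are always exposed to attack through eavesdropping and message tampering. Concealment relies on the principle that a message is encrypted with a particular encryption key and can only be decrypted by someone who knows the corresponding inverse key.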
2. They are used to support authenticated communication between pairs of legitimate users, which we call principals. A principal who successfully decrypts a message using a particular decryption key can accept the message as authentic if it contains some expected value. From this the recipient can infer that the sender of the message holds the corresponding encryption key. Thus, if the keys are kept secret, a successful decryption authenticates the message as having come from a particular sender.
3. They are used to implement a digital signature mechanism. A digital signature plays the same role as a conventional signature: it confirms to a third party that a message is an unaltered copy of a message produced by a specific principal. The ability to provide a digital signature rests on the principle that there is something only the principal who is the true sender can do, and that no one else can. This can be achieved by requiring a trusted third party, who holds proof of the requester's identity, to encrypt the message or to encrypt a shortened form of the message called a digest, which is similar to a checksum. The encrypted message or digest acts as a signature that accompanies the message.
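An added example (not from the original slides) of the digest-as-signature idea in item 3. It swaps in the public-key variant, where the signer's own private key rather than a trusted third party encrypts the digest. The toy RSA key, the function names and the sample message are assumptions made for illustration.

```python
import hashlib

# Toy key for illustration only: two Mersenne primes give a 648-bit modulus.
# Real signing keys use random primes, moduli of 2048 bits or more, and a
# padded scheme such as RSA-PSS instead of this unpadded textbook form.
P, Q = 2**127 - 1, 2**521 - 1
N = P * Q                                   # public modulus
E = 65537                                   # public exponent
D = pow(E, -1, (P - 1) * (Q - 1))           # private exponent, held only by the signer


def digest(message: bytes) -> int:
    """Short fixed-length form of the message (the digest), as an integer below N."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big")


def sign(message: bytes) -> int:
    """Signer: encrypt the digest with the private key; the result travels with the message."""
    return pow(digest(message), D, N)


def verify(message: bytes, signature: int) -> bool:
    """Any third party: decrypt with the public key and compare with a fresh digest."""
    if not 0 <= signature < N:
        return False                        # reject out-of-range values outright
    return pow(signature, E, N) == digest(message)


if __name__ == "__main__":
    msg = b"pay 100 to account 42"          # constructed sample message
    sig = sign(msg)
    print("original verifies:  ", verify(msg, sig))
    print("altered verifies:   ", verify(b"pay 900 to account 42", sig))
    print("forged sig verifies:", verify(msg, (sig + 1) % N))
```

Only the holder of `D` can produce a value that decrypts to the right digest, which is the "something only the true sender can do" that the text relies on.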
Secret-key cryptography

Validity period for certificates. Removal from the key list in cases where a certificate is incorrect or unclear.

PKI applications

Virtual private networks: IPSec Virtual Private Networks (VPNs)
Secure e-mail and user authentication (secure e-mail, client authentication)
Server authentication and transport security (server authentication, SSL)
Digital certification for software development (code signing)
Signing and encrypting texts, documents and data (file signing)
Enterprise web applications (intranet, extranet, portals)
Other applications ...

The Windows 2000 Server operating system allows a VPN server to be set up using RRAS (Remote Routing Access Service). Once a server has been set up as a VPN server, clients can dial in and access resources on the internal network, also called the LAN, as if they were connected directly to that network.
VPN Clients
A VPN client can be any computer running Win9x, Windows NT Workstation or Windows 2000 Professional. Even a server can be a VPN client.

Operation between client and server: the simplest and most common approach is for the client to open a connection to the ISP using PPP (Point to Point Protocol). A connection of this kind is also called a non-virtual connection at the data-link layer. The client can then use PPP once more to establish a virtual connection to the VPN server, and from that point it can act as a node or workstation in the LAN.

When configuring WAN Miniport (PPTP), select Remote access connections (inbound only) so that clients can create connections to the VPN server. The option Demand-dial routing connections (inbound and outbound) allows the RRAS server to initiate or accept connections to and from demand-dial routers. In the Phone number for this device box, enter the IP address of the VPN server interface.

Select the Remote Access Policy folder. On the right-hand side, right-click the item Allow access if dial-in permission is enabled and choose Properties, as in the figure below.

In Allow access if dial-in permission is enabled Properties, select Grant remote access permission. This option lets users connect at any time, provided they match the conditions set by the policy. Change the If a user matches the conditions setting to Grant remote access permission.
Gateway/firewall 2: internal IP 192.168.2.254, external IP 200.1.1.2
Windows XP client: IP 192.168.2.100, default gateway 192.168.2.254

Gateway/firewall 3: internal IP 192.168.3.254, external IP 200.1.1.3
Windows XP client: IP 192.168.3.100, default gateway 192.168.3.254