
The Design of Mobile Terminal Security Management System Based on Digital Certificate


ZHANG Xue-yuan1,a, Tang Jun1,b and LI Min1,c

1Information Security Technology Department, The Third Research Institute of Ministry of Public Security, Shanghai, 201204, China.

[email protected], [email protected], [email protected]

Keywords: mobile terminal, digital certificate, security management, strategy management

Abstract. The mobile terminal is an indispensable communication tool in people's daily life. Mobile applications are widely used in the daily office work of various industries, but mobile terminals face many security risks. At present, the security mechanisms of mobile terminals are weak, so how to ensure mobile terminal security has become a hot topic in the industry. This paper puts forward a solution: a mobile terminal security management system based on digital certificates. Specifically, the paper discusses the design of the whole system, the system architecture, the application of the digital certificate in this system, the background design and the front design; the application of the system is also described in detail. The design of the mobile terminal security management system has a certain significance.

0 Introduction

The mobile terminal has been widely used in people's daily life. But design flaws in the mobile terminal itself and external security threats expose it to more risk, such as loss or theft of the terminal, security control of peripheral hardware interfaces, terminal operating system vulnerabilities, terminal operating system backdoors, terminal Bluetooth vulnerabilities, terminal WiFi vulnerabilities, malicious programs, etc. How to reduce the risk of using mobile terminals as far as possible and guarantee their safe use has become a hot topic in the industry. Therefore, introducing a system that manages mobile terminals in a unified way is of vital significance.

1 The design of the whole system

The mobile terminal security management system is mainly used to manage mobile terminals that use digital certificates. The system realizes functions such as terminal registration, examination, card reading and so on. It can carry out start and stop operations on a certificate user. It is a useful complement to the revocation function of a common CA system.

The system function diagram is shown in Fig-1.

Fig-1 Function diagram of mobile terminal security management system

Applied Mechanics and Materials Vols. 651-653 (2014) pp 1976-1979. Submitted: 01.08.2014. Accepted: 05.08.2014. Online available since 2014/Sep/30 at www.scientific.net. © (2014) Trans Tech Publications, Switzerland. doi:10.4028/www.scientific.net/AMM.651-653.1976

All rights reserved. No part of contents of this paper may be reproduced or transmitted in any form or by any means without the written permission of TTP, www.ttp.net.

2 The design of system architecture

The structure of the mobile terminal security management system based on digital certificates is divided into three parts: server, web server and client.

The server, which includes the storage center for all strategies and the system operation and maintenance center, is the core of the system. User information, computer information, the organizational system, policy information and log information are stored on the server.

The web server is the core component that generates the web console; an administrator logs in to the web console through the URL of the web server to carry out background management. The web console is the user interface used to manage the server remotely. It is the control center of the whole system, and each function module of the system is embodied in this console.

The client runs on the terminal. It accepts unified management from the server in a secure way, receives the server's strategies and notifies the corresponding function modules to implement them.

The architecture of the system is shown in Fig-2.

Fig-2 The architecture of the mobile terminal security management system

3 The application of digital certificate in the system

The digital certificate, which is composed of the smart card and the card reader installed in the mobile terminal, communicates with the host through USB communication equipment. It is a new generation of identity authentication terminal equipment with three main functions: identity authentication, digital signature and data encryption.

Before a certificate is sent to a user, the card must be opened and registered. All registered users are then audited, a certificate is sent to each user who passes the audit, and the certificate is stored on the certificate medium. After the certificate has been sent to the user, the administrator can use this system to read the certificate information, which is written to the database. When digital certificate registration is completed, the terminal is in "not read card" status, and the card must be read before it can be used normally. After that, the system can perform modification, deletion, audit, read card and enable/disable security card operations.

The specific operation process is shown in Fig-3.

Fig-3 Specific operation process of digital certificate
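The card lifecycle described in this section can be enforced on the server as an explicit state machine, so that a card which has not been read, or has been disabled, cannot authenticate. The sketch below is an added example, not code from the paper; the state names other than "not read card", the operation names, the `CardRecord` class and the sample card identifier are assumptions made for illustration.

```python
from enum import Enum

class CardState(Enum):
    OPENED = "opened"
    REGISTERED = "registered"
    AUDITED = "audited"
    NOT_READ = "not read card"   # certificate issued, card not yet read
    ENABLED = "enabled"
    DISABLED = "disabled"

# (current state, operation) -> next state; any pair not listed is refused.
TRANSITIONS = {
    (CardState.OPENED, "register"): CardState.REGISTERED,
    (CardState.REGISTERED, "audit_pass"): CardState.AUDITED,
    (CardState.AUDITED, "issue_certificate"): CardState.NOT_READ,
    (CardState.NOT_READ, "read_card"): CardState.ENABLED,
    (CardState.ENABLED, "disable"): CardState.DISABLED,
    (CardState.DISABLED, "enable"): CardState.ENABLED,
}

class CardRecord:
    def __init__(self, card_id):
        self.card_id = card_id
        self.state = CardState.OPENED
        self.audit_log = []  # (operator, operation, state before, allowed)

    def apply(self, operation, operator):
        nxt = TRANSITIONS.get((self.state, operation))
        allowed = nxt is not None
        # Refused attempts are logged too, so out-of-order requests are visible.
        self.audit_log.append((operator, operation, self.state.value, allowed))
        if not allowed:
            raise ValueError(f"{operation!r} not permitted in state {self.state.value!r}")
        self.state = nxt
        return self.state

    def may_authenticate(self):
        # Only a card that has been read and is currently enabled is usable.
        return self.state is CardState.ENABLED

def run_demo():
    card = CardRecord("CARD-0001")  # constructed sample identifier
    for op in ("register", "audit_pass", "issue_certificate"):
        card.apply(op, "admin")
    before_read = card.may_authenticate()    # still "not read card"
    card.apply("read_card", "admin")
    after_read = card.may_authenticate()
    card.apply("disable", "admin")
    after_disable = card.may_authenticate()  # stopped without CA revocation
    return before_read, after_read, after_disable, card

if __name__ == "__main__":
    print(run_demo()[:3])
```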

4 The design of background of the system

The background of the system includes six function modules: terminal unified management module, process management module, terminal data query module, terminal data statistics module, log view module and service management module.

Terminal management module: The server can view and manage all terminals. It provides a unified login entry for observing the security view of all terminals, and presents the safe operation condition of all terminal equipment on the computer network. The software and hardware configuration information of every terminal can be seen on the server.

Process management module: The server can manage the processes that run on the terminal system. The process name, version, file size and MD5 code of each process must be specified. If a disabled process is used, it is automatically terminated, and the event is logged and audited by the system.

Terminal data query module: The server can query the state of the terminal equipment, such as terminal online time and terminal offline time. The server can also query the hardware and software configuration information of the terminal.

Terminal data statistics module: The server can compile statistics on the registration information, software information, hardware information and operating system type of the terminals, and generate reports.

Log view module: The server can view the logs of all terminals. Log view is divided into system log view and user log view. The system log view shows the administrator's operation records on the server. The user log view shows the user's operation records on the terminal.

Service management module: The server can manage the services that run on the terminal system. If a disabled service is used, it is automatically terminated, and the event is logged and audited by the system.
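The process management module identifies a process by name, version, file size and MD5 code. The sketch below is an added example, not code from the paper, showing how a client could evaluate such a rule; matching on size and MD5 rather than on the name, the `ProcessRule` fields, the package names and the sample bytes are all assumptions made for illustration.

```python
import hashlib
from dataclasses import dataclass

@dataclass(frozen=True)
class ProcessRule:
    name: str
    version: str
    size: int
    md5: str
    disabled: bool

def fingerprint(image: bytes):
    # File size and MD5 are the two content-derived fields the policy carries.
    return len(image), hashlib.md5(image, usedforsecurity=False).hexdigest()

def evaluate(rules, observed_name, image, audit_log):
    """Return 'terminate' if the image matches a disabled rule, else 'allow'."""
    size, digest = fingerprint(image)
    for rule in rules:
        if not rule.disabled or (rule.size, rule.md5) != (size, digest):
            continue
        audit_log.append({
            "action": "terminate",
            "rule": f"{rule.name} {rule.version}",
            "observed_name": observed_name,
            # A name mismatch means the same binary is running under another name.
            "renamed": observed_name != rule.name,
            "md5": digest,
        })
        return "terminate"
    return "allow"

def run_demo():
    banned_image = b"constructed stand-in for the bytes of a disabled build"
    other_build = b"constructed stand-in for a different build of the same app"
    size, digest = fingerprint(banned_image)
    rules = [ProcessRule("com.example.banned", "1.2", size, digest, disabled=True)]
    log = []
    verdicts = [
        evaluate(rules, "com.example.banned", banned_image, log),
        evaluate(rules, "com.example.renamed", banned_image, log),
        # Same name, different content: the version 1.2 rule does not cover it.
        evaluate(rules, "com.example.banned", other_build, log),
    ]
    return verdicts, log

if __name__ == "__main__":
    print(run_demo()[0])
```

MD5 is used here because it is the digest the paper specifies; a collision-resistant digest such as SHA-256 is the safer choice for a fingerprint that drives enforcement. Because the rule is tied to one exact build, each version of a disabled process needs its own entry.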

5 The design of front of the system

The client is installed in the form of an APK on any Android mobile phone. The client receives the strategies sent by the server and executes them. At the same time, it can send its own state information to the server, so that the server can carry out security management.


6 The application of the system

1) The field of public security: Wide deployment of this system will effectively improve police law enforcement efficiency, standardize law enforcement work and strengthen the supervision of law enforcement.

2) The field of E-government: Wide deployment of this system will effectively improve the government network security level and improve the work efficiency of the government.

3) The field of court: Wide deployment of this system will effectively ensure the security of trial information and prevent information leakage.

7 Summary

This paper presents a design scheme for a mobile terminal security management system based on digital certificates; it is advanced, stable and reliable. This paper introduces four parts: the overall design, the system architecture design, the background design and the front design; the application of the digital certificate in the system is also described in detail. This system can be widely used in public security, courts, tax, government affairs and so on. As all sectors of society pay more and more attention to mobile terminal security, we believe the system will be continuously optimized and improved, and will see wider use.
