Construction Of National PKI Certification System

Business background

    E-government certificate certification: The e-government platform is an electronic information platform established by government agencies to keep pace with the rapid development of society. Its purpose is to improve the office efficiency of government agencies, and some of its services have replaced the previous paper-based office. The e-government platform is a system that involves hundreds of vertical and horizontal government departments and connects thousands of government agencies and related units. Without a strong and complete security certification system, loss of confidentiality, forgery, and tampering of important files and sensitive information will become widespread, which will seriously affect the normal and stable operation of the system and may even cause serious consequences that are difficult to estimate.
    E-commerce certificate authentication: E-commerce is a means of trade, and its information directly represents the commercial secrets of individuals, enterprises or the country. Traditional paper-based trade keeps commercial information confidential by sending it through reliable communication channels. E-commerce, by contrast, is built on an open network environment. Therefore, preventing information from being illegally stolen during transmission, ensuring the integrity of trade information, and ensuring the credible identity and non-repudiation of the transaction parties have become important guarantees in e-commerce applications.
    Standards and norms construction: The PKI/CA certificate certification system is the basic supporting link of national e-government and e-commerce informatization, and it is also the basic link of overall application security. How to build and use such a system in an orderly and organized manner in a new environment will be a key consideration in the system planning stage. The establishment of supporting standards and specifications is one of the key links, laying the foundation for the construction and promotion of the entire system in the future.


    The national PKI system includes three parts: the national root CA, the government CA system, and the economic CA system. The national root CA is physically separated from the government CA system and the economic CA system, the government CA system and the economic CA system are physically separated from each other, and the main and auxiliary stations of each system are logically isolated.
    The construction of the national root CA is divided into two modes: a stand-alone offline national root CA deployment mode and a physically network-isolated root CA deployment mode.
    The planning and design of the government/economic CA system adopts a two-level CA system design, namely a government second-level CA system and third-level CA system, and an economic second-level CA system and third-level CA system. The second-level CA system is issued and managed by the root CA system and in turn manages the third-level CA system, and the overall CA system provides comprehensive certificate services to the outside through the third-level CA.

Solution value

    The construction of the national-level PKI system builds the source of trust for the national PKI trust system, provides the country's highest source of trust, and provides security for the application, promotion, and interoperability certification of digital certificates for e-government and e-commerce serving the public.
    The construction of a national PKI system is an important part of the security of national e-government and e-commerce applications. It provides comprehensive digital certificate services for national electronic authentication applications, and lays the security foundation for identity authentication, integrity, confidentiality, and non-repudiation based on digital certificate mechanisms in the future national information security system.
    The construction of a national PKI system builds a credible and secure digital infrastructure for the construction of national cyberspace and the digital economy. By providing credible identity authentication based on passwords, credible network access and credible data communication guarantees, it will effectively promote the comprehensive, sustainable and stable development and advancement of informatization.

