| 摘要 |
A method for establishing connection in computer networks consists in the following: information is written in an information databank unit, users’ databank is formed in a users’ databank unit, each user is provided with access priority bit; public keys are generated and written in the users’ databank unit. A secret key is stored on the private user’s carrier, users are identified according to an electronic signature; the public key is transferred to users, information is encoded and decoded using a session key, in another information interchange session another session key is generated. The session key is encoded using a data encryption key stored on the user’s personal carrier and in the users’ databank unit; a portion of users is provided with a carrier which is an independent automated device; a user is provided with a PIN-code to access the information stored on the said carrier, the said PIN-code is can not be grabbed by means of a working station; all required software tools and data for cryptographic keys generation are located and stored on that carrier. Recording to the carrier and reading out identification information from the carrier are protected by one of known methods of cryptographic protection; as required, information about user’s priority is updated in a unit of user’s priority change. |
