摘要 |
<p>A cryptographic framework consists of four basic service elements that include a national flag card, a cryptographic unit, a host system, and a network security server. Three of the four service elements have a fundamentally hierarchical relationship. The National Flag Card (NFC) is installed into the Cryptographic Unit (CU) which, in turn, is installed into a Host System (HS). Cryptographic functions on the Host System cannot be executed without a Cryptographic Unit, which itself requires the presence of a valid National Flag Card before it's services are available. The fourth service element, a Network Security Server (NSS), can provide a range of different security services including verification of the other three service elements. Several different configurations that support policy within a cryptographic system allow the framework to be adapted to various connection schemes involving, at least, the cryptographic unit and the policy, including dedicated applications, e.g. a policy provided in a cryptographic unit having either a built-in or local smart card reader, or a policy in a remote smart card reader; and shared applications, e.g. a policy provided in a host system local smart card reader. <IMAGE></p> |