DOI: 10.17587/it.25.435-440

R. E. Asratian, Leading Researcher, rea@ipu.ru, V. A. Trapeznikov Institute of Control Sciences of Russian Academy of Sciences, Moscow, 117997, Russian Federation

Protected Message Processing in Distributed Systems on the Basis of Cryptographic Message Syntax

The principles of the implementation of a new network service, Protected Message Service (PMS), intended for protected query processing in distributed information systems, are considered. The distinctive feature of PMS is the close integration of authentication and data protection functions with the functions of network information exchange and data processing. From the client's point of view, the service architecture is based on two main program classes: "Protected message" (PmsMessage) and "Network Connection" (PmsConnection). These classes offer the necessary functionality not only for creating and protecting messages, but also for transferring them to a remote server for processing via established network connections.

The essence of the approach consists in using the Cryptographic Message Syntax (CMS) standard as the basis of protected data representation in the network. This approach to the implementation of PMS is based on the functional similarity of its main class (PmsMessage) to the main CMS class (SignedCms): both classes represent a container for storing arbitrary data, equipped with the necessary methods for the formation and verification of electronic signatures. However, CMS does not contain classes and methods for remote data processing in the network (analogs of the PmsConnection class or the PmsMessage.Process method). In effect, the described approach can be considered the creation of a kind of "superstructure" over CMS directed at network data processing.

An experimental implementation of PMS over CMS in C# for Microsoft Framework 4.0 and a study of the performance of the new service were carried out. The results of this study (in comparison with web services in the .NET architecture and with a "direct" PMS implementation without CMS) are presented.