中文摘要：

TLS（传输层安全）协议被广泛用来保证Web的安全，为了分析其安全性，用串空间模型对其进行形式化描述，并用认证测试方法分别对客户端和服务器端的认证性进行分析，证明协议存在中间人攻击，通过修改认证测试方法的测试元素对协议形式进行改进，并证明改进后协议的正确性。

英文摘要：

TLS （Transport Layer Security） protocol has been used widely to ensure the security in Web. The protocol is described formally by strand space for the sake of its security analysis. Mutual authentication between client and server in TLS protocol is analyzed via authentication test, and man in the middle attack is found as a result. Then, the test elements of the authentication test are modified, and the form of the TLS protocol is amended. Finally, the validity of the amended protocol is proved.