本文選題：身份認(rèn)證 + 局域網(wǎng)�。� 參考：《北京郵電大學(xué)》2014年碩士論文

【摘要】：美國的“棱鏡計劃”被曝光之后,網(wǎng)絡(luò)安全的問題更加成為了國家政府企業(yè)關(guān)注的焦點(diǎn),同時隨著互聯(lián)網(wǎng)和智能終端的發(fā)展人們也越來越依賴于互聯(lián)網(wǎng)了。因此加強(qiáng)其上網(wǎng)時的安全性越來越受到人們的重視。身份認(rèn)證則是網(wǎng)絡(luò)安全的第一道閘門。因為訪問權(quán)限的控制、信息的加密等網(wǎng)絡(luò)安全方面的技術(shù),都是在安全的認(rèn)證基礎(chǔ)上的。如果不是這樣的話攻擊者捏造或者冒用的合法的用戶身份,那么其他的安全舉措都會變成無用的了。 局域網(wǎng)DHCP環(huán)境下的用戶上網(wǎng)認(rèn)證已經(jīng)廣泛應(yīng)用于公司企業(yè),學(xué)校等局域網(wǎng)環(huán)境。也正是因為應(yīng)用的十分廣泛所以針對該系統(tǒng)認(rèn)證時的攻擊竊取用戶的認(rèn)證信息的行為也很多,給用戶帶來了安全隱患,造成了的損失。盡管人們?yōu)榱擞脩舻陌踩扇×艘恍┓椒?但是還是會存在些不足。而本文試圖解決這些存在的問題。 本文作者以自己在實習(xí)公司所做用戶認(rèn)證方面的工作并結(jié)合理論知識,針對目前基于局域網(wǎng)DHCP系統(tǒng)下的用戶上網(wǎng)認(rèn)證存在的問題,提出了自己的改進(jìn)方法,提出了基于四元組認(rèn)證的新方法。使得用戶在認(rèn)證過程中更加的安全,同時認(rèn)證更加的便捷,并且節(jié)約建網(wǎng)成本。本文進(jìn)行了以下幾個方面的工作。 1.調(diào)研了目前國內(nèi)外在局域網(wǎng)用戶認(rèn)證方面的研究現(xiàn)狀。介紹了目前局域網(wǎng)用戶認(rèn)證的相關(guān)標(biāo)準(zhǔn)協(xié)議和方法,并且對各種方法優(yōu)缺點(diǎn)進(jìn)行的對比。分析了它們存在的安全性漏洞。 2.提出了局域網(wǎng)DHCP環(huán)境下基于四元組認(rèn)證的方法。重點(diǎn)闡述了基于四元組認(rèn)證的原理,系統(tǒng)設(shè)計方法,所要達(dá)到的目標(biāo)。系統(tǒng)總體的框架,各個模塊工作的流程。 3.最后對基于四元組認(rèn)證的主要功能進(jìn)行了測試驗證。 結(jié)果表明基于四元組的認(rèn)證方案實現(xiàn)了用戶安全的上網(wǎng)認(rèn)證,因為在認(rèn)證過程中會產(chǎn)生非固定的因子而且每一次認(rèn)證都不同,這樣就抵擋了諸如重放攻擊、假冒攻擊等的一些網(wǎng)絡(luò)攻擊手段,從而在安全性方面更加的安全,同時認(rèn)證過程中不需要傳送密碼,這樣也護(hù)衛(wèi)了用戶的隱私,同時還節(jié)約了用戶的建網(wǎng)成本。
[Abstract]:With the exposure of the Prism Project in the United States, the issue of network security has become the focus of national government enterprises, and with the development of the Internet and intelligent terminals, people have become more and more dependent on the Internet. Therefore, people pay more and more attention to strengthening the security of their Internet access. Identity authentication is the first gate of network security. Access control, information encryption and other network security technologies are based on secure authentication. If this is not the case, the attacker will fabricate or falsely use the legitimate user identity, then other security measures will become useless. User authentication under LAN DHCP environment has been widely used in enterprises, schools and other LAN environments. It is also because of the wide application of the system authentication attacks to steal user authentication information behavior is also a lot of, to the user security risks, resulting in losses. Although people take some methods for the safety of users, but there are still some shortcomings. This paper tries to solve these problems. Based on his work in the field of user authentication and theoretical knowledge, the author puts forward his own improvement method in view of the problems existing in user authentication based on LAN DHCP system. A new method based on quaternion authentication is proposed. Make the user in the authentication process more secure, at the same time authentication more convenient, and save the cost of network construction. This article has carried on the following several aspects of work. 1. The current situation of local area network user authentication at home and abroad is investigated. This paper introduces the current standard protocols and methods of LAN user authentication, and compares the advantages and disadvantages of these methods. Analyzed their security vulnerabilities. 2. 2. A method based on quaternion authentication in local area network (LAN) DHCP environment is proposed. The principle of quaternion authentication, the method of system design and the goal to be achieved are expounded. The overall framework of the system, each module work flow. 3. Finally, the main functions based on quaternion authentication are tested and verified. The results show that the authentication scheme based on quaternion realizes the secure authentication of users online, because there are non-fixed factors in the authentication process and each authentication is different, so the authentication scheme can resist the attack such as replay. Some network attack methods such as fake attacks are more secure in the security aspect, at the same time, the authentication process does not need to transmit the password, which also protects the user's privacy and saves the user's network construction cost.
【學(xué)位授予單位】：北京郵電大學(xué)
【學(xué)位級別】：碩士
【學(xué)位授予年份】：2014
【分類號】：TP393.08;TP393.1

【參考文獻(xiàn)】

相關(guān)期刊論文 前10條

1 龔尚今;;基于Window Server 2003小型辦公局域網(wǎng)的安全搭建[J];信息安全與技術(shù);2011年07期

2 宗永升;;校園網(wǎng)認(rèn)證計費(fèi)系統(tǒng)研究與設(shè)計[J];電腦編程技巧與維護(hù);2011年12期

3 王偉;;局域網(wǎng)中DHCP故障問題研究[J];大眾科技;2012年02期

4 溫浩然;;統(tǒng)一身份認(rèn)證技術(shù)在信息管理系統(tǒng)中的應(yīng)用[J];計算機(jī)光盤軟件與應(yīng)用;2012年07期

5 任治洪;;局域網(wǎng)Portal認(rèn)證研究及應(yīng)用[J];甘肅科技;2012年12期

6 金曉霞;張世君;;IP組播技術(shù)及其應(yīng)用探討[J];廣播與電視技術(shù);2012年09期

7 陳晨;張煒;徐思遠(yuǎn);;基于雙重認(rèn)證的局域網(wǎng)訪問控制方式[J];信息安全與技術(shù);2012年11期

8 周斌;何同林;;基于嵌入式終端的DHCP網(wǎng)絡(luò)接入及接入認(rèn)證的研究與實現(xiàn)[J];計算機(jī)光盤軟件與應(yīng)用;2012年23期

9 熊俊;;用戶身份認(rèn)證技術(shù)在計算機(jī)信息安全中的應(yīng)用[J];信息安全與技術(shù);2013年06期

10 張少芳;田華;;基于IEEE 802.1x的局域網(wǎng)安全接入認(rèn)證[J];計算機(jī)光盤軟件與應(yīng)用;2013年04期

，

本文編號：2062730