基于局域網(wǎng)的數(shù)據(jù)安全傳輸組件的設(shè)計與實現(xiàn)
發(fā)布時間:2018-10-07 21:20
【摘要】:隨著社會信息科學(xué)技術(shù)的迅猛發(fā)展,大部分企業(yè)單位都組建了自己的計算機網(wǎng)絡(luò)系統(tǒng),因此在局域網(wǎng)內(nèi)進(jìn)行端對端的通信并且傳播重要的數(shù)據(jù)是十分有必要的。但是由于網(wǎng)絡(luò)黑客、病毒的存在,網(wǎng)絡(luò)數(shù)據(jù)通信存在著巨大的安全隱患。采取有效的措施抵制網(wǎng)絡(luò)攻擊已經(jīng)成為世界上各個國家重點關(guān)注的研究目標(biāo)。 本文的研究內(nèi)容源自實際科研項目,通過結(jié)合密碼保護服務(wù)、哈希運算消息認(rèn)證(Hash-based MessageAuthentication Code,HMAC)、自定義報文和動態(tài)密鑰管理四者來實現(xiàn)數(shù)據(jù)的安全傳輸。我們設(shè)計的數(shù)據(jù)安全傳輸模塊是一種基于端-對-端的安全模式,,在發(fā)送端的對數(shù)據(jù)加密后發(fā)送給接收端,接收端接收到數(shù)據(jù)后解密成為明文,高效的抵御了網(wǎng)絡(luò)攻擊,防止內(nèi)部消息泄露。本模塊的發(fā)送端和接收端在基于TCP的套接字(socket)的通信基礎(chǔ)上,自定義報文格式發(fā)送數(shù)據(jù)。在發(fā)送端實現(xiàn)以高級加密標(biāo)準(zhǔn)加密數(shù)據(jù)(Advanced Encryption Standard, AES)、封裝報文、HMAC、序列化數(shù)據(jù)。在接收端進(jìn)行多線程處理、報文解封裝處理、消息隊列的處理以及對各種錯誤碼的分析處理。在本文的最后進(jìn)行了相關(guān)的測試,并且詳細(xì)的分析了測試結(jié)果,從而驗證了該模塊可以保證數(shù)據(jù)傳輸?shù)陌踩浴?數(shù)據(jù)安全傳輸模塊為數(shù)據(jù)傳輸?shù)臏?zhǔn)確性、保密性、反重復(fù)性提供了強有力且靈活的保護,確保信息在傳輸過程中不會被截取篡改,提高了整個系統(tǒng)的安全性。
[Abstract]:With the rapid development of social information science and technology, most enterprises have set up their own computer network system, so it is necessary to carry out end-to-end communication and spread important data in LAN. But because of the network hacker, the virus existence, the network data communication has the huge security hidden danger. To take effective measures to resist cyber attacks has become the focus of research in every country in the world. The research content of this paper is derived from the actual scientific research projects. The secure transmission of data is realized by combining cryptographic protection service, hash operation message authentication (Hash-based MessageAuthentication Code,HMAC), custom message and dynamic key management. The data security transmission module we designed is a kind of end-to-end security mode, which is sent to the receiving end after the data is encrypted at the sending end, and decrypted into clear text after receiving the data at the receiving end, which effectively resists the network attack. Prevent internal information from leaking. The sending and receiving end of this module is based on the communication of socket (socket) based on TCP. In the sender, the advanced encryption standard encryption data (Advanced Encryption Standard, AES), encapsulates the message and serializes the data. Multithread processing, packet unencapsulation, message queue processing and error code analysis are carried out at the receiving end. At the end of this paper, the relevant tests are carried out, and the test results are analyzed in detail to verify that the module can ensure the security of data transmission. The data security transmission module provides a powerful and flexible protection for the accuracy, confidentiality and anti-repeatability of data transmission, ensures that the information will not be intercepted and tampered during the transmission process, and improves the security of the whole system.
【學(xué)位授予單位】:西安電子科技大學(xué)
【學(xué)位級別】:碩士
【學(xué)位授予年份】:2014
【分類號】:TP393.1;TP393.08
本文編號:2255710
[Abstract]:With the rapid development of social information science and technology, most enterprises have set up their own computer network system, so it is necessary to carry out end-to-end communication and spread important data in LAN. But because of the network hacker, the virus existence, the network data communication has the huge security hidden danger. To take effective measures to resist cyber attacks has become the focus of research in every country in the world. The research content of this paper is derived from the actual scientific research projects. The secure transmission of data is realized by combining cryptographic protection service, hash operation message authentication (Hash-based MessageAuthentication Code,HMAC), custom message and dynamic key management. The data security transmission module we designed is a kind of end-to-end security mode, which is sent to the receiving end after the data is encrypted at the sending end, and decrypted into clear text after receiving the data at the receiving end, which effectively resists the network attack. Prevent internal information from leaking. The sending and receiving end of this module is based on the communication of socket (socket) based on TCP. In the sender, the advanced encryption standard encryption data (Advanced Encryption Standard, AES), encapsulates the message and serializes the data. Multithread processing, packet unencapsulation, message queue processing and error code analysis are carried out at the receiving end. At the end of this paper, the relevant tests are carried out, and the test results are analyzed in detail to verify that the module can ensure the security of data transmission. The data security transmission module provides a powerful and flexible protection for the accuracy, confidentiality and anti-repeatability of data transmission, ensures that the information will not be intercepted and tampered during the transmission process, and improves the security of the whole system.
【學(xué)位授予單位】:西安電子科技大學(xué)
【學(xué)位級別】:碩士
【學(xué)位授予年份】:2014
【分類號】:TP393.1;TP393.08
【參考文獻(xiàn)】
相關(guān)期刊論文 前2條
1 周曉軍;Internet安全標(biāo)準(zhǔn)IPSec[J];電腦與信息技術(shù);2000年06期
2 譚曉青;利用OpenSSL建立PKI數(shù)字證書系統(tǒng)[J];科學(xué)技術(shù)與工程;2005年20期
本文編號:2255710
本文鏈接:http://sikaile.net/guanlilunwen/ydhl/2255710.html
最近更新
教材專著
