本文選題：Linux終端 + 安全加固�。� 參考：《華北電力大學》2014年碩士論文

【摘要】：隨著信息技術(shù)和移動互聯(lián)網(wǎng)技術(shù)的快速發(fā)展,終端遠程訪問企業(yè)內(nèi)網(wǎng)數(shù)據(jù)資源的需求日益迫切。但移動互聯(lián)網(wǎng)的開放特點無法保證其信息通信的安全性,如何實現(xiàn)移動終端與企業(yè)網(wǎng)絡之間的安全通信成為終端遠程接入面臨的新挑戰(zhàn)。移動終端遠程接入系統(tǒng)包括終端、數(shù)據(jù)通道和接入系統(tǒng)三個實體,其中任何一部分存在的安全問題都可能威脅到整個接入系統(tǒng)的安全。傳統(tǒng)的采用虛擬專用網(wǎng)的移動接入技術(shù)只關(guān)注數(shù)據(jù)傳輸通道的安全,忽略了終端的安全問題,無法滿足企業(yè)終端的安全接入需求。終端自身的安全防護、可靠的身份認證和安全的接入技術(shù)是整個接入系統(tǒng)需要解決的關(guān)鍵問題。 本文以電力企業(yè)的移動終端接入需求為背景,為滿足企業(yè)的移動終端安全防護要求,針對Linux移動終端面臨的主要安全威脅,通過分析操作系統(tǒng)的安全特性,提出相應的安全加固措施,如基于硬件的終端身份識別和動態(tài)的安全狀態(tài)檢測技術(shù)等。通過對目前流行虛擬專用網(wǎng)協(xié)議的應用范圍和實現(xiàn)方式進行了分析和對比,結(jié)合本論文的系統(tǒng)需求,最終選擇了安全套接層作為認證和加密傳輸?shù)膮f(xié)議。詳細分析了OpenVPN的具體實現(xiàn)原理,并在其基礎上設計了具有硬件身份識別和動態(tài)安全檢測的一體化接入系統(tǒng)。該系統(tǒng)從終端加固、安全數(shù)據(jù)傳輸及終端狀態(tài)動態(tài)檢測等方面保證了終端本身、接入過程和數(shù)據(jù)通信的安全。本文設計的一體化接入系統(tǒng)在實驗環(huán)境下經(jīng)過測試,已基本滿足預期要求。移動終端安全接入的研究將對電力企業(yè)信息化的進程有積極的推動作用。
[Abstract]:With the rapid development of information technology and mobile Internet technology, the demand for remote access to data resources in enterprise Intranet becomes increasingly urgent. However, the open characteristic of mobile Internet can not guarantee the security of its information communication. How to realize the secure communication between mobile terminal and enterprise network becomes a new challenge for terminal remote access. The remote access system of mobile terminal includes three entities: terminal, data channel and access system. The security problems in any part of the system may threaten the security of the whole access system. The traditional mobile access technology using virtual private network only pays attention to the security of the data transmission channel, neglects the security problem of the terminal, and can not meet the security access requirements of the enterprise terminal. The security protection of the terminal itself, reliable identity authentication and secure access technology are the key problems to be solved in the whole access system. In this paper, based on the mobile terminal access requirements of power enterprises, in order to meet the security requirements of mobile terminals, the main security threats faced by Linux mobile terminals are analyzed, and the security characteristics of the operating system are analyzed. The corresponding security reinforcement measures, such as terminal identification based on hardware and dynamic security state detection technology, are put forward. Based on the analysis and comparison of the application scope and implementation of the popular VPN protocol, the secure socket layer is selected as the protocol of authentication and encryption transmission according to the system requirements of this paper. The realization principle of OpenVPN is analyzed in detail, and an integrated access system with hardware identification and dynamic security detection is designed. The system ensures the security of the terminal itself, access process and data communication from the aspects of terminal reinforcement, secure data transmission and terminal state dynamic detection. The integrated access system designed in this paper has been tested in the experimental environment and has basically met the expected requirements. The research on secure access of mobile terminals will play an active role in the process of power enterprise informatization.
【學位授予單位】：華北電力大學
【學位級別】：碩士
【學位授予年份】：2014
【分類號】：TN915.08

【參考文獻】

相關(guān)期刊論文 前10條

1 任江，，袁宏春;對SSL協(xié)議及其安全性分析[J];電子科技大學學報;1998年04期

2 郭寶;周馳;;電力生產(chǎn)現(xiàn)場作業(yè)和終端安全防護研究[J];電力信息化;2010年12期

3 張宏科;蘇偉;;新網(wǎng)絡體系基礎研究——一體化網(wǎng)絡與普適服務[J];電子學報;2007年04期

4 王義申;;對電力企業(yè)生產(chǎn)現(xiàn)場作業(yè)和終端安全防護的研究[J];科技創(chuàng)新與應用;2013年04期

5 李之棠;何桂麗;王美珍;;基于虛擬網(wǎng)卡的SSL VPN體系結(jié)構(gòu)的研究[J];計算機應用研究;2007年12期

6 柯海清,馮啟明;數(shù)據(jù)加密技術(shù)及網(wǎng)絡應用[J];武漢理工大學學報(交通科學與工程版);2002年06期

7 孫玉霞;陳火炎;;UNIX主機文件完整性校驗工具的原理與實現(xiàn)[J];計算機應用與軟件;2006年06期

8 須文波,歐愛輝,張星燁;Linux安全操作系統(tǒng)的設計與實現(xiàn)[J];計算機與現(xiàn)代化;2003年10期

9 郭學超;翟正軍;;OpenVPN體系安全性研究[J];科學技術(shù)與工程;2007年08期

10 陳閎中;Linux在嵌入式操作系統(tǒng)中的應用[J];同濟大學學報(自然科學版);2001年05期

本文編號：2016887