發(fā)布時(shí)間：2018-06-19 01:13

  本文選題：Web認(rèn)證 + 接入交換機(jī)　； 參考：《華南理工大學(xué)》2013年碩士論文

【摘要】：隨著互聯(lián)網(wǎng)技術(shù)的迅速發(fā)展，以及IPv6得到逐步推廣，傳統(tǒng)的網(wǎng)絡(luò)管理技術(shù)備受挑戰(zhàn)，而安全、有效、便捷的接入認(rèn)證技術(shù)對(duì)用戶和運(yùn)營(yíng)商都至關(guān)重要，，是網(wǎng)絡(luò)實(shí)現(xiàn)可管理、可運(yùn)營(yíng)的關(guān)鍵，適用于IPv4/IPv6有線/無(wú)線復(fù)雜網(wǎng)絡(luò)環(huán)境的接入認(rèn)證技術(shù)已成為近年的研究熱點(diǎn)。 目前，主要的接入認(rèn)證方式有PPPoE、IEEE802.1x和Web認(rèn)證，這三種方式各有優(yōu)缺點(diǎn)，可根據(jù)實(shí)際應(yīng)用場(chǎng)所進(jìn)行選擇。其中，Web認(rèn)證無(wú)需客戶機(jī)安裝任何認(rèn)證軟件，客戶機(jī)使用瀏覽器即可完成認(rèn)證，能夠讓客戶方便、快捷地接入網(wǎng)絡(luò)。同時(shí)，Web認(rèn)證與業(yè)務(wù)密切相關(guān)，運(yùn)營(yíng)商在用戶上網(wǎng)時(shí)向用戶推送認(rèn)證頁(yè)面，可以在該頁(yè)面上開(kāi)展廣告業(yè)務(wù)、服務(wù)選擇和信息發(fā)布等增值業(yè)務(wù)。但傳統(tǒng)的Web認(rèn)證主要是在網(wǎng)絡(luò)出口集中進(jìn)行準(zhǔn)出控制，而對(duì)基于接入交換機(jī)的Web認(rèn)證網(wǎng)絡(luò)準(zhǔn)入控制的研究還較少。 論文在對(duì)各種主流認(rèn)證接入技術(shù)進(jìn)行對(duì)比后，結(jié)合源地址驗(yàn)證技術(shù)，提出了基于接入交換機(jī)的Web認(rèn)證方案，利用接入交換機(jī)作為訪問(wèn)控制點(diǎn)，研究了基于接入交換機(jī)的訪問(wèn)控制機(jī)制與接入認(rèn)證系統(tǒng)。Web認(rèn)證系統(tǒng)包括客戶端、接入交換機(jī)訪問(wèn)控制端、Web認(rèn)證服務(wù)器和數(shù)據(jù)庫(kù)服務(wù)器四個(gè)部分。論文的研究重點(diǎn)是，在資源受限的接入交換機(jī)上，基于嵌入式Linux操作系統(tǒng)，設(shè)計(jì)了IPv4/IPv6地址轉(zhuǎn)換模塊、HTTP重定向服務(wù)模塊以及SNMP控制代理模塊，實(shí)現(xiàn)了基于接入交換機(jī)的IPv4/IPv6的HTTP重定向和接入控制。 論文在華南理工大學(xué)校園網(wǎng)中，構(gòu)建了IPv4/IPv6實(shí)驗(yàn)網(wǎng)絡(luò)環(huán)境，對(duì)系統(tǒng)進(jìn)行了測(cè)試，通過(guò)功能模塊測(cè)試和用戶接入認(rèn)證系統(tǒng)測(cè)試，實(shí)驗(yàn)結(jié)果表明該系統(tǒng)能夠?qū)崿F(xiàn)IPv4/IPv6網(wǎng)絡(luò)接入認(rèn)證的各種功能，在滿足一定數(shù)量的用戶有效接入認(rèn)證的同時(shí)，具有較高的安全性。
[Abstract]:With the rapid development of Internet technology and the gradual popularization of IPv6, the traditional network management technology has been challenged, and the safe, effective and convenient access authentication technology is very important to users and operators. The key to the operation of IPv4 / IPv6 cable / wireless complex network environment access authentication technology has become a research hotspot in recent years. At present, the main access authentication methods are PPPoEI IEEE802.1x and Web authentication, which have their own advantages and disadvantages, which can be selected according to the actual application sites. There is no need for the client to install any authentication software, and the client can use the browser to complete the authentication, so that the client can easily and quickly access the network. At the same time, Web authentication is closely related to business. Operators can push the authentication page to users when they surf the Internet, on which they can carry out value-added services such as advertising, service selection and information release. However, the traditional Web authentication mainly carries on the quasi output control in the network exit centralized, but the research on the access control of the Web authentication network based on the access switch is still less. After comparing various mainstream authentication and access technologies and combining with source address verification technology, this paper proposes a Web authentication scheme based on access switch, which uses access switch as access control point. The access control mechanism based on access switch and access authentication system. Web authentication system includes four parts: client access control Web authentication server and database server. The research emphasis of this paper is that, based on embedded Linux operating system, the IPv4 / IPv6 address translation module and HTTP redirect service module and SNMP control agent module are designed on the resource-constrained access switch. The HTTP redirection and access control of IPv4 / IPv6 based on access switch are realized. In the campus network of South China University of Technology, the paper constructs IPv4 / IPv6 experimental network environment, tests the system, tests the function module and the user access authentication system. The experimental results show that the system can realize various functions of IPv4 / IPv6 network access authentication, and has high security while satisfying a certain number of users' effective access authentication.
【學(xué)位授予單位】：華南理工大學(xué)
【學(xué)位級(jí)別】：碩士
【學(xué)位授予年份】：2013
【分類(lèi)號(hào)】：TN915.05

【參考文獻(xiàn)】

相關(guān)期刊論文 前10條

1 唐朝偉;徐昌彪;胡軍;傅明怡;;應(yīng)用PPPoE的寬帶接入方式研究及接入網(wǎng)設(shè)計(jì)[J];電訊技術(shù);2006年05期

2 張曉軍;呂潔;張蓓;;HTTP重定向在網(wǎng)關(guān)認(rèn)證中的應(yīng)用[J];大連理工大學(xué)學(xué)報(bào);2005年S1期

3 武艷;劉勝輝;王磊;;Linux下基于Netfilter連接跟蹤技術(shù)的研究與應(yīng)用[J];電腦學(xué)習(xí);2008年01期

4 趙曉娟;唐俊;;基于PPPoE接入方式的校園網(wǎng)安全管理[J];電腦學(xué)習(xí);2009年02期

5 饒明;杜忠輝;韓琦;李瓊;;嵌入式Linux防火墻的設(shè)計(jì)與實(shí)現(xiàn)[J];智能計(jì)算機(jī)與應(yīng)用;2011年05期

6 王浩;曹紅兵;陳蘊(yùn);;基于IPv6的動(dòng)態(tài)主機(jī)配置在Linux中的應(yīng)用研究[J];電腦與信息技術(shù);2008年01期

7 龔尚福;朱莉;李娜;;簡(jiǎn)單網(wǎng)絡(luò)管理協(xié)議的研究與應(yīng)用[J];電子設(shè)計(jì)工程;2009年07期

8 吳建平;任罡;李星;;構(gòu)建基于真實(shí)IPv6源地址驗(yàn)證體系結(jié)構(gòu)的下一代互聯(lián)網(wǎng)[J];中國(guó)科學(xué)(E輯:信息科學(xué));2008年10期

9 孫磊;韓海英;;SAVI技術(shù)在IPV6網(wǎng)絡(luò)中的應(yīng)用[J];計(jì)算機(jī)與信息技術(shù);2011年10期

10 劉云;;Linux下基于Netfilter的包過(guò)濾算法[J];計(jì)算機(jī)工程;2009年11期

本文編號(hào)：2037657