| 一种扩展应用边界安全设备认证能力的方法 |
| |
| 引用本文: | 彭双和,韩臻,沈昌祥.一种扩展应用边界安全设备认证能力的方法[J].北京交通大学学报(自然科学版),2004,28(5):6-10. |
| |
| 作者姓名: | 彭双和 韩臻 沈昌祥 |
| |
| 作者单位: | 北京交通大学,计算机与信息技术学院,北京,100044;海军计算技术研究所,北京,100841 |
| |
| 基金项目: | 国家高技术研究发展计划(863计划)
,
国家重点基础研究发展计划(973计划) |
| |
| 摘 要: | 为了保护内部网络的安全,必须设置应用边界安全设备.本文采取双服务器认证的方式,提出了一种扩展应用边界安全设备的认证方法,解决了一般的应用边界安全设备(如Socksv5服务器)使用用户名/口令字认证易受被动攻击等问题.新提出的用户名/口令字认证方式在安全性上比原有的方式具有更高的抗攻击的能力,而且用户还能自由地更改应用边界安全设备上自己的口令字.实验结果表明,效率上与原有的用户名/口令字认证方式基本保持一致.
|
| 关 键 词: | 应用边界安全设备 身份认证 双服务器认证 杂凑函数 |
| 文章编号: | 1673-0291(2004)05-0006-05 |
A Way to Extend the Authentication Capability of Application Boundary Security Device |
| |
| PENG Shuang-he,HAN-Zhen,SHEN Chang-xiang.A Way to Extend the Authentication Capability of Application Boundary Security Device[J].JOURNAL OF BEIJING JIAOTONG UNIVERSITY,2004,28(5):6-10. |
| |
| Authors: | PENG Shuang-he HAN-Zhen SHEN Chang-xiang |
| |
| Institution: | PENG Shuang-he~1,HAN-Zhen~1,SHEN Chang-xiang~2 |
| |
| Abstract: | In order to improve the security of Intranet, application boundary security devices must be set. A scheme to extend authentication capacity at the application boundary security device is proposed here by using double servers, which solves the problems such as passive attack, etc. That is existed in the current password_based authentication schemes at the application boundary security devices like Socksv5 servers. Considering safety, the proposed scheme here has more power to resist against attacks while at the same time passwords stored in authentication database at the application boundary security devices can be freely changed by users. The experiment shows that the proposed scheme retains just the same efficiency as the old one is. |
| |
| Keywords: | application boundary security device authentication double servers authentication hash function |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
