共查询到20条相似文献,搜索用时 125 毫秒
1.
IEEE802.1x/EAP-TLS认证协议的改进方案 总被引:2,自引:0,他引:2
无线局域网的安全性问题已日渐成为重要的研究问题,其中,认证机制是安全机制的重要内容.无线局域网采用IEEES02.1x认证协议.本文针对IEEE802.1x/EAP-TLS认证机制存在的安全缺陷,提出了协议的改进方案,在现有认证机制的基础上增加对客户端STA和接入点AP之间的双向认证,从而提高无线局域网的安全性. 相似文献
2.
802.1x协议的主要目的是为了解决无线局域网用户的接入认证问题.重点介绍了802.1x协议、EAP-TLS认证机制及其具体的认证过程;并提出了一个具体的无线局域网安全认证系统解决方案,从理论和实践上验证了EAP-TLS认证技术对增强无线局域网安全性的可行性和实用性. 相似文献
3.
4.
5.
梁竞敏 《计算机与数字工程》2008,36(6):133-135
分析无线局域网主要受到伪AP、伪网络、网络窃听、数据篡改、报文重放和拒绝服务等安全性威胁;并分析无线局域网的主要安全性技术以及各自存在的漏洞,最后提出通过采用IEEE802.1x认证技术在身份认证和数据加密中提高无线局域网的安全. 相似文献
6.
7.
无线局域网已经成为网络体系结构的重要组成部分,同时无线局域网的安全也越来越受到研究者的重视.本文介绍了无线局域网安全的相关概念和基本机制,从加密和认证等方面分析了无限局域网安全缺陷,最后讨论了改进的安全措施和方案. 相似文献
8.
无线局域网已经成为网络体系结构的重要组成部分,同时无线局域网的安全性也越来越受到人们的重视。本文介绍了无线局域网安全的相关概念和基本机制,从加密和认证两个方面,重点分析了无线局域网的安全缺陷,最后讨论了改进的安全措施和方案。 相似文献
9.
IEEE 802.1li协议使用基于802.1x和可扩展认证协议EAP的认证方案,但标准中并没有指定具体的EAP类型,采用何种EAP策略,直接关系到无线局域网的安全性能.介绍了802.1x和可扩展身份验证协议EAP在保障网络访问安全方面的工作原理,通过对EAP协议分析以及常用的EAP方法比较,提出了部署安全无线局域网的EAP策略;EAPTLS是用于大型机构无线局域网解决方案的EAP类型,PEAP是用于中小型企业无线局域网解决方案的EAP类型. 相似文献
10.
LI Ming-zhi 《数字社区&智能家居》2008,(8)
无线局域网作为一种无线接入技术得到了迅速的发展,但是它的安全机制却存在很大的安全隐患。如何保证无线局域网的安全性已成为目前重要的研究课题。其中,认证机制是安全机制的重要内容。无线局域网采用IEEE802.1x协议认证。本文针对IEEE802.1x协议容易受到中间人攻击和会话截取的缺陷,提出了协议的改进方案。主要在现有的IEEE802.1x协议的基础上增加客户端和接入点AP之间的相互认证。 相似文献
11.
During the many years in which I have been involved in building client/server systems, I have often been asked if there is any real difference between the security of client/server systems and that of traditional, mainframe-based systems. The simple though seldom heard answer is yes—adoption of such a new architectural paradigm has a direct impact on security. It does not significantly affect existing security objectives; in most cases, security objectives remain constant. However, a new systems architecture does require that existing security methods and tools be either changed or replaced with new security techniques and tools. In short, what has to be done remains constant; how it is done changes depending on the new systems architecture. This column addresses a number of the unique security issues that are raised by adoption of client/server technologies. 相似文献
12.
周金华 《数字社区&智能家居》2005,(23)
随着互联网在世界范围内的迅猛发展,网络规模迅速扩大,网络应用与安全局势日趋严峻,本文就计算机网络安全的产生、计算机网络安全的概念、计算机网络安全事件的分类和计算机网络安全的危害进行了探讨,目的是使人们在利用计算机网络带来的便利的同时,也深刻认识计算机网络存在的安全隐患。对于计算机网络安全事故关系国家安全、政治安全、经济安全、文化安全、行业企业个人安全的论述,旨在引起同行高度关注和综合评估计算机网络安全引发的事故造成的影响。 相似文献
13.
周金华 《数字社区&智能家居》2005,(8):38-41
随着互联网在世界范围内的迅猛发展,网络规模迅速扩大,网络应用与安全局势日趋严峻,本文就计算机网络安全的产生、计算机网络安全的概念、计算机网络安全事件的分类和计算机网络安全的危害进行了探讨,目的是使人们在利用计算机网络带来的便利的同时,也深刻认识计算机网络存在的安全隐患。对于计算机网络安全事故关系国家安全、政治安全、经济安全、文化安全、行业企业个人安全的论述,旨在引起同行高度关注和综合评估计算机网络安全引发的事故造成的影响。 相似文献
14.
An automated security management integrating various security systems is strongly required because cyber attacks are evolving day after day. Moreover, the attacks are become more complex and intelligent than past. Several integrated security management (ISM) models are supposed and implemented to meet the requirements. However, the current ISM is passive and behaves in a post-event manner. To reduce costs and resources for managing security and to remove the possibility of an intruder succeeding in attacks, the preventive security management technology is strongly required. This paper proposes the PRISM model that is based on tracing important assets in a managed network and performs preventive security management before security incidents occur. Additionally, PRISM model employs security labels to deploy differentiated security measure. The PRISM will provide concrete and effective security management to the organizations network. 相似文献
15.
16.
James Bone 《EDPACS》2016,54(5):1-11
Cyber risk professionals face a formidable challenge in keeping pace with the asymmetric nature of today’s advanced threats in cyber security. Spending on cyber security has skyrocketed yet the threat continues to grow exponentially. This phenomenon is called the Cyber Paradox and describes what has become an entrenched battle for security professionals in defending against an increasingly sophisticated adversary that, to date, has adapted faster than defensive measures to prevent loss of data or access to sensitive information. Conventional security defenses have proven less than effective resulting in a virtual “Maginot’s Line” of increased fortification by hardening the enterprise yet resulting in greater vulnerability to achieving the goals of defending the organization from cyber threats (“Maginot’s Line”, n.d.). This article reviews the causes of these misperceptions in security defense and explores research in decision science, intelligence and security informatics, machine learning, and the role of simplicity in shaping a cognitive risk framework. The findings conclude that the human-machine interaction is the greatest threat in cyber space yet very few, if any, security professionals are well versed in strategies to close this gap. The purpose of this article is to bring to light evolving new strategies with promising success and to reveal a few surprises in how simplicity is an under-appreciated strategy in cyber security. Complete text of “Cognitive Hack: The New Battleground in Cybersecurity … the Human Mind” is available here: https://www.crcpress.com/Cognitive-Hack-The-New-Battleground-in-Cybersecurity--the-Human-Mind/Bone/p/book/9781498749817 相似文献
17.
18.
计算机网络安全体系的一种框架结构及其应用 总被引:14,自引:3,他引:11
文章首先给出计算机网络安全体系结构相关概念的定义,然后从安全需求的角度提出了计算机网络安全体系的一种框架结构。通过分析各种安全服务之间的依赖关系,提出一种按照安全服务安全机制的强度对网络安全进行分类和分级的方法;结合 IPSec和 SSL,分析了 TCP/IP协议体系各层的安全机制,提出了实现安全服务和安全管理的协议层实体模型;最后给出了单元安全技术在安全体系结构中的位置,并论述了该框架结构在实际网络工程安全设计中的应用。 相似文献
19.