共查询到20条相似文献,搜索用时 93 毫秒
1.
基于口令的身份认证机制是目前多数应用系统采用的安全机制,动态口令相较于静态口令具有很多优点,是未来身份认证机制的发展方向。本文以实例剖析动态口令身份认证机制的实现。 相似文献
2.
在移动支付中,交易主体的身份认证是判断和确认交易双方真实身份的重要环节,可以保证每个交易主体的访问与授权的准确。本文通过分析国内外一次性口令认证技术的研究现状、认证技术以及移动支付中的安全问题,对一次性口令认证技术进行改进,提出基于移动支付的一次性口令身份认证的方案。 相似文献
3.
在开放系统通信协议提供的五种主要安全服务中,身份认证是第一层防护,也往往是其他服务的基础.目前,一次性口令被公认是最为安全的身份认证机制.本文提出了目前应用最为广泛的RADIUS协议的一个变种,修补了其前身在保密性完整性等方面的一些安全缺陷漏洞,并讨论了基于事件同步的跨平台一次性口令认证系统的整体架构和认证算法,为小体量高安全性要求的认证环境提供了一种简单可靠的AAA通信方案. 相似文献
4.
针对员工单一静态口令安全机制所存在的问题,提出了一种基于一次性口令和人脸识别的身份认证方法.本文采用MFA算法对人脸进行特征提取,单向函数生成一次性口令并用该口令加密人脸特征,实现服务器端与客户端之间的双向身份认证,解决了小数攻击和人脸数据信息泄露等安全问题,提高了信息系统的安全性. 相似文献
5.
6.
《信息安全与通信保密》2001,(11)
GefonTM SID是对“用户名 口令”等模式的身份认证系统进行改造的身份认证与访问控制系统。该系统采用格方公司独有的专利技术——ECHAP安全身份认证协议来鉴别用户的身份,彻底消除了原有系统的以下安全隐患:口令在客户端易被猜测;口令在用户录入易被黑 相似文献
7.
网络身份认证是网络安全的第一道屏障,它的安全性直接影响到网络应用的安全。本文研究了网络身份认证系统工作过程,列举出简单"用户名/口令"形式的身份认证存在的问题,并针对其弊端提出动态口令网络身份认证系统的解决方案。 相似文献
8.
9.
10.
基于手机令牌的动态口令身份认证系统 总被引:2,自引:0,他引:2
随着无线网络的日益完善,通过手机无线接入Internet的用户不断增加,因此解决无线接入用户的身份认证问题极为重要。动态12令已经成为认证机制新的发展趋势,它提供了比传统静态口令更高的安全性。文中设计了一种基于挑战/应答机制的动态口令认证协议,并根据此协议设计了一个基于手机令牌的动态口令身份认证系统,论述了系统的组成、认证过程,分析了系统的安全性。分析表明,该系统具有安全性高、适用面广、使用方便、系统成本低的特点。 相似文献
11.
12.
An authentication system, which does not require a password table to authenticate its users, is proposed. By removing a password table, and introducing smart card and fingerprint verification, the scheme can be more secure and reliable. In addition, the scheme can withstand message replaying attack and impersonation 相似文献
13.
Nowadays, the password-based remote user authentication mechanism using smart card is one of the simplest and convenient authentication ways to ensure secure communications over the public network environments. Recently, Liu et al. proposed an efficient and secure smart card based password authentication scheme. However, we find that Liu et al.’s scheme is vulnerable to the off-line password guessing attack and user impersonation attack. Furthermore, it also cannot provide user anonymity. In this paper, we cryptanalyze Liu et al.’s scheme and propose a security enhanced user authentication scheme to overcome the aforementioned problems. Especially, in order to preserve the user anonymity and prevent the guessing attack, we use the dynamic identity technique. The analysis shows that the proposed scheme is more secure and efficient than other related authentication schemes. 相似文献
14.
15.
SSL VPN安全网关为传输层和应用层协议提供安全隧道,利用安全隧道技术,在传输层实现互联网网络信息的安全保护,能够利用公共网络为用户建立虚拟的专用网络,提供比专网更加安全的通信信道。SSL VPN安全网关以国家密码管理局审批的密码卡为基础密码器件,为其提供密钥运算、密钥保护、密钥备份恢复等功能;操作系统采用裁剪的Linux系统,同时,严格遵循国家密码管理政策和相关设计规范,实现了基于传输层的SSL VPN安全网关,为各种应用提供了身份认证和安全传输的需求。在政府、金融、运营商、能源、交通等领域具有广泛的用途,有明显的社会效益和经济效益。文章对此展开了分析。 相似文献
16.
张利华 《微电子学与计算机》2007,24(6):80-83
分析了一个低开销的基于随机数的远程身份认证方案的安全性,指出了该方案的安全缺陷。构造了一个基于随机数和Hash函数、使用智能卡的远程身份认证方案(NHRA方案)。该方案使用随机数,避免了使用时戳带来的重放攻击的潜在风险。该方案允许用户自主选择和更改口令,实现了双向认证,有更小的计算开销;能够抵御假冒远程主机攻击、抵御假冒合法用户攻击;能够迅速检测口令输入错误及正确判断认证失败原因;具备强安全修复性。 相似文献
17.
A secure and enhanced elliptic curve cryptography‐based dynamic authentication scheme using smart card 下载免费PDF全文
Madhusudhan R Manjunath Hegde Imran Memon 《International Journal of Communication Systems》2018,31(11)
In remote system security, 2‐factor authentication is one of the security approaches and provides fundamental protection to the system. Recently, numerous 2‐factor authentication schemes are proposed. In 2014, Troung et al proposed an enhanced dynamic authentication scheme using smart card mainly to provide anonymity, secure mutual authentication, and session key security. By the analysis of Troung et al's scheme, we observed that Troung et al' s scheme does not provide user anonymity, perfect forward secrecy, server's secret key security and does not allow the user to choose his/her password. We also identified that Troung et al's scheme is vulnerable to replay attack. To fix these security weaknesses, a robust authentication scheme is proposed and analyzed using the formal verification tool for measuring the robustness. From the observation of computational efficiency of the proposed scheme, we conclude that the scheme is more secure and easy to implement practically. 相似文献
18.
分析了Das, Saxena和Gulati提出的一种基于动态ID的远程用户身份认证方案的安全性,指出了此方案的安全缺陷.在保留原方案优点的基础上提出了一些改进措施,验证结果表明:改进措施提高了方案的安全性和实用性. 相似文献
19.
Mohammad Javad Sadri Maryam Rajabzadeh Asaar 《International Journal of Communication Systems》2020,33(14)
Internet of Vehicles (IoV), as the next generation of transportation systems, tries to make highway and public transportation more secure than used to be. In this system, users use public channels for their communication so they can be the victims of passive or active attacks. Therefore, a secure authentication protocol is essential for IoV; consequently, many protocols are presented to provide secure authentication for IoV. In 2018, Yu et al proposed a secure authentication protocol for WSNs in vehicular communications and claimed that their protocol could satisfy all crucial security features of a secure authentication protocol. Unfortunately, we found that their protocol is susceptible to sensor capture attack, user traceability attack, user impersonation attack, and offline sink node's secret key guessing attack. In this paper, we propose a new authentication protocol for IoV which can solve the weaknesses of Yu et al's protocol. Our protocol not only provides anonymous user registration phase and revocation smart card phase but also uses the biometric template in place of the password. We use both Burrow‐Abadi‐Needham (BAN) logic and real‐or‐random (ROR) model to present the formal analysis of our protocol. Finally, we compare our protocol with other existing related protocols in terms of security features and computation overhead. The results prove that our protocol can provide more security features and it is usable for IoV system. 相似文献
20.
Jing Chao 《电子科学学刊(英文版)》2012,29(6):550-555
This paper analyzes the security performance of a latest proposed remote two-factor user authentication scheme and proposes an improved scheme based on the dynamic ID to avoid the attacks it suffers. Besides this, in our proposed scheme the password is no longer involved in the calculation of verification phase which makes our scheme more secure and costs less than the old one. At last we analyze the performance of our proposed scheme to prove it provides mutual authentication between the user and the server. Moreover, it also resists password guessing attack, server and user masquerade attack and replay attack effectively. 相似文献