| Human society has entered an information society. The development of social economy depends on information resource,information technology and information industry more and more. It is obvious that information as a resource for the social development is more and more important. Information security relates to country security, social stability and economy development. Identity authentication is an effective method to ensure information security. It plays an important role in information system. Identity authentication on which other security services depend is a basic security service. So studying on identity authentication technology has much meaning in protecting information and expediting information security construction. Firstly, this paper analyses two authentication mechanism based on the third party, one is PKI, another is Kerberos. Describes their system framework and principle. After pointing out two mechanism's advantage and disadvantage, This thesis give corresponding improved methods to overcome Kerberos' s limitation. Especially, in order to resolve the problem that Kerberos is difficult to manage users' key, an improved scheme based on public key was put forward. Secondly, this paper studies on familiar password authentication technology. it describes dynamic password's principle and threat which dynamic password authentication faces. Then a typical S/Key scheme and S/Key's improved scheme—SAS scheme are introduced. Absorbing the two scheme' design idea, an improved scheme---one new dynamic password authentication scheme based on symmetrical cipher is proposed. The new scheme which has a good security can overcomes S/Key and SAS' s security flaws. Finally, this paper introduces concept of single sign-on and unification authentication thought. Through appling the password authentication scheme which is proposed in the fourth chapter to unification authentication system, we get a model of unification authentication system. This model can eliminate all flaws which independent authentication has, and enhances the overall security of application system effectively. |
PDF Full Text Request