Research And Design Of Network Admission Control Based On Certificate Authority

More and more corporations are taking steps to build their business platform, which is based on the development of Internet and Intranet. Office Automation(OA) System is an information system that facilitate collecting, dealing with, transporting and sharing office information inside a company or between companies. Latest OA are increasingly based on WEB application, while these OA systems are in B/S architecture, and we are having more security consideration that are not existing in C/S architecture. How to make the most efficient usage of resource, ensure the security of secret information, and deny illegal operation from anybody. These are the key security conflict. This paper studies NAC (Network Admission Control), which is a helpful way the solve the questions.This paper introduced part of security system in KaiSheng OA application. I give a brief introduction on OA (including E-government) history in China and abroad, the concept of NAC, important technology in NAC and how NAC works. I also introduce encryption history, encryption technology and identification methods. And conceived a practical NAC scheme.The NAC scheme including Admission Control and Certificate Authority. Admission Control makes sure that only legal and safe user is able to use OA system. This will protect the network as well as the OA system. Admission Control's key role includes: Identify the user;Evaluate security of user's computer;Response according to the computer's security status.The network under Admission Control admit legal user , who is using trusting computer, from anywhere. The computer's security status is including anti-virus software's version, operation-system's service pack and so on. Admission Control collects such information and provides special service to the users, such as admission, rejection and isolation. Isolation is another kind of service, the Admission Control will provide a update service for the user' computer, in order to match security evaluation. The core of NAC is based on Certificate Authority (CA).This paper is focusing on CA system. We use the system to manage Digital Certificates, and those Digital Certificates will be vital in Identification. By using Digital Certificates, identification and encrypt communication are both realized, this ensure OA's security.