Research Of Authentication And Access Control In Open Laboratory

Digitalization has become an important part of the college infrastructure. Many colleges and universities have lunched digital management system development and application, which based on campus network. Opening Laboratory management system is a significant component. With the popularization of network application, the higher security of the system is demanded. To strengthen the security research is necessary. Recent years, authentication based on the digital certificate and role-based access controls have features of safe and flexibility that enhance system security very prospect.In view of the urgency and importation of the security research, identity authentication mechanism and access control strategy were researched and implemented on opening laboratory system based on network. Specifically, the security feathers of existing laboratory were studied. The security of variety of authentication mechanisms was deeply contrasted and analyzed. PKI-based digital certificate authentication was chosen. Information summarizing and digital signature for users'accounts and passwords ensured identity uniqueness. And Dynamic Secret Key was adopted for encryption and decryption of data transmitted over the Internet. Digital certificates confirmed the legitimacy of users'identity. By analyzing variety of access control strategy's advantages and disadvantages, role-based access control strategy was adopted, and the role-leaded access control solution was designed. And then, the development of the audit management model and intrusion detection model further controls the accession of the user. So system security model was implemented on the opening system.The core of identity authentication and access control system was mainly implemented by Java language. System data was stored and accessed by SQL Server 2000 in the background. The use steps were introduced. The solution's effectiveness was proved by typical examples and corresponding results. In the end, the summary was given and campus network platform's construction was discussed.