| With the opening and commercialization of Internet, more and more Intranets have been connected to the Internet. It is important to guard against an illegal invasion in Intranet under the Internet environments. The most effective method is to set a firewall which control the secured access and guard Intranet between Intranet and Internet. Firewall which is a synthesized technology can control the access and prevent the hostility data, and allow correct data in net borderline, inside or host computer. Authentication is the first defense of the firewall, and it is the base of other secured services. Authentication of firewall is the first toll-gate to guard Intranet,which answers for all authentication of users for Intranet and Internet, and uniform management to that, so we set up a uniform and security authentication system is very meaning.This essay analysis the accessed controlling of firewall and points out some drawbacks. Advanced authentication in firewall combing PKI and firewall technology, we design a PKI-Based firewall authentication system. Designed as an alone authentication system through drawing authentication department, this system can complete mostly some application services which need high security and can control the authority of users extent to visit the resource of local area network. This system concludes three parts: authentication service, authentication client and application proxy, which has some characteristic as follow: this system is very agile, expansible and integrates with other authentication. By accrediting users to different roles to control in system, everyone has relevant power to access Intranet, which improved the network efficiency of system. By applying X.509 certificate and the public key protocol, we improve the security and expansion of system, and also improve the unitary security of system. |
PDF Full Text Request