| With the development of computer technology and globalization of information, the security of Internet network has increasingly attracted somebody's attention of the relevant scholars and computer users. Authentication service is used to identify the status of the two sides of the communication. It is the first line of defense for a security system, and has great significance in the information security theory and technology. Nowadays, there are several commonly authentication methods, such as password-based, physical-proof-based, biological-characteristic-based, physical-address-based, and PKI-based. Dynamic password technology is more effectively to defend against the attacks such as the eavesdropping-attack and dictionary-attack which are caused by Static password.For the existing dynamic password systems, they are difficult to manage the tokens and solve the problem of out-of-step. The paper designs a dynamic password system which is safe and easy to use. The system chooses mobile terminal as token and HMAC algorithm to generate a dynamic password. The server of the system can manage the tokens through wireless communication.At first, the paper will research the currently used authentication technology and dynamic password technology. Then the paper will propose a kind of dynamic password token based on SD card. Further, the paper will design the main functions and protocols for the system. Finally, the paper will use J2EE technology to develop and implement the system. |
PDF Full Text Request