The Research Of Security Model Which Based On Authentication In Network Exam System

In recent years, many type network exam systems have been used widely, and been regarded highly by examination branch day by day. Nothing paper examination based on network will become a trend step by step, and will be to realize effective centering on student open education approach. A few mature exam systems have been developed at present already, but these systems only mostly satisfy the consumer from applicative angle, have little security considers, have no way to ensure exam's equality and security.This paper analyses the security problems in network exam system; introduces the information about network security and cryptography; discusses methods of the authentication and authentication protocal of Challenge handshake authentication,Kerberos,SSL; proposes a security model based on strong authentication which can complete the bidirectional authentication between students and server, i.e. complete client authentication based on OTP password and server authentication base on certificate; this model also supports transfer security on test paper,score,answer sheet and so on; the extra sub authentication plugin which used OTP password based on AD domain in MS Windows Kerberos authentication to protect the exam system server.This paper has mainly accomplished work as listed below:1,Designs and implements the core algorithm of OTP about time synchronism based on HMAC_SHA1, event synchronism and challenge/response asynchronous based on DES.2,Based on OTP algorithm, designs and implements soft token and high-performance OTP server, which used to complete the client authentication in network exam system. The OTP server was implemented by I/O completion port and database connection pools. The OTP server arrives at three kinds OTP technology (time synchronism, event synchronism, challenge/response asynchronism) integration together.3,In order to prevent it fom attact of fishing and ensure the transfer scurity, uses SSL protocol to complete server authentication and transfer security.4,In order to protect the server of exam system, implements the extra sub authentication plugin which used OTP password based on AD domain in MS Windows Kerberos authentication.The first chapter reviews the present situation and the security problems about the network exam system.The second chapter has introduced relevance knowledge about network security and the cryptology. With an emphasis on a few cryptology algorithms which used in this paper. The security problems in network exam system was analysed with these knowledge. The third chapter analyses the methods of authentication and authentication protocol, with an emphasis on OTP which was implemented in this paper, and SSL protocol which used in the fourth chapter, as well as Kerberos protocol which used in the fifth chapter.The fourth chapter gives the security model in the network exam system, designs and implements the core algorithm of OTP, soft token and OTP authentication server.The fifth chapter gives the design and implementation of OTP authentication system based on AD domain, which used to improve the security of network exam system server.