| With the rapid development of wireless LAN, wireless LAN which is used more and more widely, now has been applied to all aspects of social life. However, the openness of wireless LAN, like no clear borders, makes attacker to access the network information and do their attackers easily. Thus the security problem of Wireless LAN has become one of the most important issues.IEEE 802.1X, which is port-control-based cut over precinple is suitable for wireless network .It also can makes up many exiting defects in wireless network.In IEEE 802.1X/EAP-TLS authentication, through intercepting the information that is transmitted expressly in the data frame,attack ers can easily grasp the time to attack the wireless networik by faking the authenticator or client-station.A new way is adopted to sovle the vulnerability existing in IEEE 802.1X/EAP-TLS authentication that encrypting the explicit information in the data frame, thus attackers can't get the encrypted information,without which they don't know when to attack.This way can prevent network attacks and improve wireless network security.First of all ,this thesis gives a summarize and makes a orientation about research range, introduces the structure of WLAN, authentication standard of wireless networks protocols including IEEE 802.1X and WAPI that is a wireless network standerd developed by China. Through analyzing their defects and advantages, this thesis points the serious defects in WEP which is used in IEEE 802.11, and explains the root cause of these defects.Then, this thesis makes concentrated introduction IEEE 802.1X authentication protocol, analyses its structure and authentication process of EAP-TLS.IEEE 802.1X. After analyzing kinds of security menaces existing in IEEE 802.1X protocol and summarizing former research production on security authentication,this thesis proposes own improvement thought based on former research.In the end, a module analysis and code practice aimed at the improvement authentication are made. |
PDF Full Text Request