Design And Its Implementation Of Bank Information Security Certification System Based On 802.1X Protocol

Information Technology (IT) has become the basic platform and necessary means for the effective operating and the kernel competition capability improving of all the business banks. Meanwhile, with the increasing relying on the information technology and the quick development of new services (such as the network bank and the customized bank), information systems become more and more complicated. With the flooding of different kinds of network attack, the banking industry is facing more and more serious information security challenges. Bank managers have realized the importance of the information security to its steady operating and healthy development, and some basic work in the information security management should have been done (such as including the IT risk into comprehensive risk management system). Based on the information security management, such as no unified planning, doing work partly and without good order, etc, and these limitations must be solved with the better ways.For this reason, design and implementation of bank information security certification system based on the 802.1X protocol are researched in this paper. Aimed at analyzing the 802.1X protocol and its key technology, the specific application of 802.1X protocol in bank system is discussed, which include business processes, layout program, client, port control module and server design. Certification system client software, authentication system, authentication server port control module, specific programs are all be propose. Finally, the functional test for this system is completed. The specific study is as follows: 1) Introducing the system structure, mechanism and communication protocol used by authentication roles of IEEE802.1X standard in detail. Then, Comparing the capability of current primary authentication technology (PPPoE, WEB and 802.1X), putting forward the advantages of IEEE 802.1X applied in Ethernet Access authentication. Finally, discussing the structure of Ether Access Network that adopts 802.1X, simply describing the main equipment's mechanism and function, summing up the hardware compatibility problems of existing network and corresponding resolutions. With the requirement of bank information security certification system, the paper bring forward the protections based on 802.1X access authentication to eliminate normal network security trades and its importance.2) Describing in detail the design process of system business, the detailed design of the system modules are carried out, focusing on the described 802.1X authentication design. Through describing the existence of the security risks of the system, the importance of design and operability of the security of the system are proposed. The certification process for the system includes the following aspects: business processes, layout program, client, port control module and server design.3) The 802.1X client has been made a more comprehensive design and discussion, as well as its implementation and operation of each module, and finally the Radius server configuration is introduced. In the implementation process, some of the main analysis module includ client software authentication system, authentication system, the port control modules, as well as authentication servers.