| Along with the unceasing expansion of network scale, the exponential growth of network application and the unceasing renewal of network technology, the network security is facing a more severe and complex situation. The lack of understanding of the safety control system, the network security policy and effective protection, makes all these risks at a higher level of complexity. Computer Terminal nowadays is more than the "terminal" we understood in a traditional way, it is not only a PC that connects intranet, it is more of a starting point and source of most activities, for example, it is the starting point where billions of users log in and browse networks, or visit internet via intranet connections, it is also the starting point where all the applications run and where all the data are generated from; It is also the source where viruses attack, or internal malicious attack, as well as thefts of internal protected data. Because of all these reasons, the only way to better control the source and stop all kinds of attacks within the intranet and damaged caused by the attacks, is to provide a perfect terminal security control and management system.Among security managements of intranet, Access Control is the basic to accomplish administrative terminal management functions. Access Control can help us automatically monitor the security and management status of desktop computers, to isolate or repair the unsafe computers. To use Access Control together with traditional network security systems such as firewalls, anti-virus systems, will protect our computers and networks in a more active defensive way, and better promote a compliance construction of intranet, reduce network accidents more effectively.Through research on current network security management system and analyze all security factors, a system structure based on IEEE802.1x identity authentication is proposed, it is called "Shandong Local Tax Bureau Network Security Management System".First of all, it explains the latest research on identity authentication technology in intranet security management system and its theory, based on that, the intranet security management system structure and identity authentication matrix is proposed, followed by detailed analyze of the identity authentication matrix. Based on the identity authentication matrix, the identity authentication management tool was researched and developed. This tool enables binding Ukey and users’identity, which plays a key role in government administrative intranet management and authentication system. For the purpose of authentication of network connection, in this article, we talk about a network connection plan based on IEEE802.1x protocol. By authorizing client’s and network switching device, it can effectively stop any attempts of an unauthorized user or equipment to connect with the government administrative intranet, as a result, to achieve the purpose of secure network management system, and to accomplish a strict management and audit of the intranet. At the meantime, this plan also enables the transition from users’identity authentication to authentication ot Ukey equipment, this will greatly improve users experience. In this article, the plan is fully tested and a summery and prospect is also elaborated based on the researches of this whole project. |
PDF Full Text Request