| In recent years, with the rapid development of the Internet and informationtechnology, network application is more and more popular. TCP/IP protocol widelyused in the Internet, it’s designed for the United States Department of Defense internaltrusted network at initially, and it doesn’t consider too much for security on technology,so it cause lots of secuirity problem after applied to the opening network eviroment.Access control technology as an important measure to guarantee the informationsecurity, is obtained the domestic and foreign academic research in recent years andachieved a stage of development and breakthroughs.User identity can’t be authenticated is one of the key reasons to lead to informationsecurity risks. The traditional network access control technology is usually through auser name and password, but because it is weak, and can’t completely solve networksecurity problem in user indentity authentication. In recent years, with thedevelopment of information security technology, based on the Public Key Infrastructure(PKI) and the Privilege Management Infrastructure (PMI) network securitytechnology has been widely used.In this thesis, I based on the Public Key Infrastructures and Privilege ManagementInfrastructure technology, combined with the Role Based Access Control technology,design a real-named network access control system, a solution to the authentication,privilege management, access control in the network space. The system uses digitalcertificate to realize for network user authentication and authorization, via stick aidentity-label on network request to realize real-name access control. It provides aeffective solution for construction of a contolable, trustable, auditable and managablesecurity network environment. |
PDF Full Text Request