| Along with the development of science and technology, network has come into every corner of our lives. It brings great convenience to people. At the same time, it also makes user’s sensitive information easy obtained by illegal access. So people propose network access authentication as a new network information security solution.Currently, the most widely used network access authentication technologies are802.1X, PPPOE and WEB.802.1X is both a protocol based on port and an authentication framework for the process.However,after studying the protocol deeply,some weeknesses arise.To improve it, the paper optimizes and improves the802.1X system in the three aspects, which are the server stability and anti-DoS-attack ability, and client-key-management mechanism, and authentication method safety and efficiency, respectively. The main principles are described as follows. On the server, the techniques of Ramdisk and mac binding are used to improve and strengthen the abilities of the system stability and anti-DoS-attack. Meanwhile, IC card technique is used to improve the safety of the key management on the client. On the based of the above infrastructure, eap-md5and eap-tls multiple authentication techniques are proposed to make the system reach a balance between safety and efficiency.The experiment result shows that the improved802.1X system has a great promotion on comprehensive performance.The improved server can load system successfully on the case of unexpected poweroff or disk damage, and resist DoS attack of malicious authentication requests. The client key management on IC card is implemented, which the private key is totally in the smart card and thus prevents the key leakage. The experiment shows that authentication simultaneously technology proposed raises the effiency of the system. |
PDF Full Text Request