| With the rapid development of telecommunications technologies,network brings the convenience to people,but also faces a variety of challenges.In this case,the authentication has a very important role in building networks,just like "gatekeepers",guarding the security of the network.It is also the most vulnerable points to be attacked,whenever the authentication system is maliciouly attacked,the other security measures in the network will also collapse.Due to the complexity and mobility of the network connection,identification of legitimate users has become very complex.This paper studies the existing network access layer authentication in detail.It analyses the PPPoE,WEB and 802.1x authentication,then summarizes the advantages and disadvantages of those mechanisms.Through the analysis,it is found that authentication method based on IEEE 802.1x protocol compared to other authentication technologies has some advantages.This paper analyzes the risks of existing protocol 802.1x authentication mechanism,such as middle attacks,DoS(Denial of Service)attacks,etc.Based on those analysis,this paper proposes some solutions,it combines the 802.1x authentication process,designs and implements all the improved solutions.In the implementation,the paper described the 802.1x Authenticator module,and gives detailed description of the related sub-modules.It also put forward design of AAA module.Some experiments are carried out to prove feasibility of the anti-attack capability of system.The results show that although the improved protocol can lead to slight increase of switch CPU utilization,but it can solve the middleman attack and DoS attacks effectively. |
PDF Full Text Request