Design And Implementation Of Mobile Security Access System Based On Domestic Commercial Encryption Algorithm

With the situation that mobile access system is used in all walks of life,users can access to network resources at anytime,anywhere by mobile terminals.But there is some network attackers using the means of hacking,virus to destruct network communication of mobile access system which seriously affects the safety of the system.As for the threat on the network,VPN technology is the first choice,and the question can be solved by the SSL VPN or IPSec VPN technology.However,The mobile security access system of using VPN technology is difficult to achieve the balance between safety and performance,and need to adjust the encryption algorithm and function.Aiming at the existing the problems of mobile access system,this thesis proposes that domestic commercial hardware encryption algorithm as encryption storage module is applied to mobile access system based on the Android platform as the background,researches system security according to the four stages of before access,during access,after access and exiting system,implements all the functions of the whole security access system by the four modules of the mobile client,the network transmission,security access zone and the Intranet server.This System uses the TF card of supporting domestic commercial hardware encryption algorithm as encryption and storage module,adopts the handshake protocol of SSL protocol to implement the secure connection between client and server in the phase of login and authentication,changes the identity authentication way of handshake protocol into the way of identity authentication based on users'roles,adds the phase of equipment identity after handshake.This System adds the drive of virtual network card to the mobile terminal,achieves the construction of encrypted tunnel by function of cutting packages of virtual network card.During accessing network resources,the important data transmission of the system is implemented by encrypted tunnel.After testing the function,safety,performance of the system,the system has mainly possessed the function of secure communication.On the condition that integrated secure strategy and domestic commercial encryption algorithm are applied to this system,the demand for security and performance of this system can be satisfied.After testing the response of system,The average access time for smart phones and tablets is 1349.13ms and 1393.13ms respectively,less than 1500 milliseconds that is the response time of design objective.The average response time of accessing intranet resources for smart phones and tablet computers is 79.25ms and 80ms respectively,much smaller than 150ms.In conclusion,the application of this system not only can improve the safety of the user's information,but also can partly reduce the risk of internal network.