Research And Optimization Of Terminal Access Control Technology Based On 802.1X

With the increasing popularity of wireless local area networks and mobile terminals in people's lives,wireless local area network security has long been firmly rooted in the hearts of people,and has always been the focus of attention of the entire society.There are a series of security threats to network,such as information disclosure,illegal access,malicious attacks,etc.In the face of these threats,to strengthen access control is the most fundamental and effective way,which can eliminate them from the source.Therefore,it is very important to establish a safe and efficient wireless access control system.In this paper,we have carried on the thorough research to the existing authentication technology and related agreement.Based on the 802.1X authentication architecture,an self-matching authentication model combined with the advantages of EAP-TLS and EAP-MD5 authentication methods is proposed.And the model has been improved through in-depth analysis of the possible safety problems in this model.Then a safe and efficient access control system is designed based on the actual situation.This system not only meets security but also has high efficiency through testing.This paper is based on the 802.1X authentication framework,and analyzes in detail the 802.1X protocol and EAP protocol used in the access control system and the working mechanism of the RADIUS server.This paper puts forward the self-matching authentication model,which is based on EAP-TLS and EAP-MD5.In this paper,this authentication model is optimized and improved.The MAC address binding to the terminal is proposed on the server because the 802.1X ignores the control of the terminal device.In order to strengthen the security of this system,many measures have been taken by in research of the possible attack in the system.Based on the MAC binding,the paper properly improve the EAPOL protocol and set the Cookie check field to increase the data frame verification.As a result,this system effectively defends against DOS attacks and man-in-the-middle attacks.In particular,the combination of USB Key technology and EAP-TLS is used to improve the efficiency of the entire access control system.According to the above system research,the terminal access control system,which has three modules: client,authentication system and authentication server,is designed and optimized combining the principles of safety,efficiency,etc.Then the paper builds a specific experimental environment and designs proper test programs.Finally,the paper respectively tests the original system and the optimized system from two aspects of safety and efficiency by using corresponding test programs.According to the comparative analysis of the test results,it shows that the designed system safety performance and efficiency have been greatly improved.