Design And Implementation Of A Secure Non-aware Access System In Wireless LAN

In the process of university information construction,how to make the campus network easy and quick to use is a problem that the university network department must solve.The current campus network generally belongs to the local area network,and the wireless local area network represented by IEEE 802.11 technology occupies an important position in the construction of the campus network.For the campus network,the users of the wireless LAN have teachers and students on campus,as well as persons out of the campus.In order to protect the security of campus resources and the stability of systems in campus,access certification has become an important part of the campus wireless network.In order to solve the problem of access authentication for campus wireless LAN,this paper investigates some access authentication methods such as PPPoE,IEEE 802.1x and Web Portal based on the authentication requirements of campus wireless LAN,and designs and implements a wireless LAN access authentication system with no-awareness,which combines usability and safety.The main features of this system are as follows:First,the system uses the Web Portal authentication method,which is the most convenient and most widely used authentication method.However,the Web Portal method has insufficient security compared to other authentication methods.In order to solve this problem,the system adopts the idea of One Time Password(OTP)and uses the DHCP system to cooperate with the authentication system for non-aware authentication to avoid frequent transmissions of user sensitive information in the network during the non-aware authentication process,and enhances security for non-aware authentication.Second,in the implementation of the certification business,the system uses the CMCC Portal,a certification industry standard protocol developed by China Mobile,which makes the authentication system have better compatibility and scalability in the process of network upgrade.In addition,in order to meet the requirements of the authentication management of the WLAN,the system implements a background management module for the non-aware admission system,which facilitates the network administrator to query and audit the authenticated user and configure the authentication service.The WLAN non-aware authentication system designed and implemented in this paper has been deployed in the campus network of Beijing University of Posts and Telecommunications,and it runs stably with at least 300 requests per second.