计算机与现代化 ›› 2010, Vol. 1 ›› Issue (5): 160-163.doi: 10.3969/j.issn.1006-2475.2010.05.045
• 信息安全 • 上一篇 下一篇
范智勇,许振和
收稿日期:
修回日期:
出版日期:
发布日期:
FAN Zhi-yong, XU Zhen-he
Received:
Revised:
Online:
Published:
摘要: 无线接入扩展传统有线网络的同时,也增加了外界入侵的渠道。针对有线网络与无线扩展形成的新边界的安全问题,在802.11i的基础上提出了改进的安全方案,采用CCMP数据加密和基于“数字证书+USBkey+SSID”的802.1X认证机制,实现对认证发起者的身份鉴别、无线设备的认证和安全准入。
关键词: 无线扩展, 网络边界安全, 802.11i, 802.1X, USBkey, 证书
Abstract: Wireless access adds new external intrusion channel while extending conventional wired network. For the new security problem from wired network and wireless extension, the paper proposes an improved security scheme on the basis of 802.11i. The scheme uses CCMP data encryption and 802.1X authentication mechanism integrating digital certificate, USBkey and SSID, to identify supplicant, authenticate wireless devices and implement secure access.
Key words: wireless extension, network perimeter security, 802.11i, 802.1X, USBkey, certification
中图分类号:
TP393
范智勇;许振和. 无线扩展引发的网络边界安全问题探讨[J]. 计算机与现代化, 2010, 1(5): 160-163.
FAN Zhi-yong;XU Zhen-he. Discussion on Network Perimeter Security Problem from Wireless Extension[J]. Computer and Modernization, 2010, 1(5): 160-163.
0 / / 推荐
导出引用管理器 EndNote|Ris|BibTeX
链接本文: http://www.c-a-m.org.cn/CN/10.3969/j.issn.1006-2475.2010.05.045
http://www.c-a-m.org.cn/CN/Y2010/V1/I5/160
