共查询到20条相似文献,搜索用时 15 毫秒
1.
Kerberos: an authentication service for computer networks 总被引:19,自引:0,他引:19
When using authentication based on cryptography, an attacker listening to the network gains no information that would enable it to falsely claim another's identity. Kerberos is the most commonly used example of this type of authentication technology. The authors concentrate on authentication for real-time, interactive services that are offered on computer networks. They use the term real-time loosely to mean that a client process is waiting for a response to a query or command so that it can display the results to the user, or otherwise continue performing its intended function. This class of services includes remote login, file system reads and writes, and information retrieval for applications like Mosaic 相似文献
2.
周成跃 《信息安全与通信保密》2002,(12):5-6
6月29日,我国政府采购法正式出台。在此之际,中国信息安全产品测评中心编辑出版了我国第一本《信息安全产品政府采购指南》。财政部国库司周成跃副司长在此文中献信息安全认证与政府采购问题作了详尽的阐述。 相似文献
3.
4.
5.
6.
曲劲光 《电信工程技术与标准化》2013,(12):24-27
本文简要介绍了WLAN认证系统的安全性研究,主要涉及安全组网、Web安全、设备自身安全、业务逻辑安全及日常审计及安全应急响应等。 相似文献
7.
8.
主要介绍了在交互式动态网站中Http协议的特点和缺陷,阐述了PHP中Session技术的工作方式,在PHP中设计实现了身份认证,并利用Session克服了HTTP协议的缺陷,又防止了信息的泄露,这种机制思想简单,易于实现,而且方便了编程者的使用,是一个比较好的解决方案。 相似文献
9.
This paper seeks to understand how network failures affect the availability of service delivery across wide-area networks (WANs) and to evaluate classes of techniques for improving end-to-end service availability. Using several large-scale connectivity traces, we develop a model of network unavailability that includes key parameters such as failure location and failure duration. We then use trace-based simulation to evaluate several classes of techniques for coping with network unavailability. We find that caching alone is seldom effective at insulating services from failures but that the combination of mobile extension code and prefetching can improve average unavailability by as much as an order of magnitude for classes of service whose semantics support disconnected operation. We find that routing-based techniques may provide significant improvements but that the improvements of many individual techniques are limited because they do not address all significant categories of network failures. By combining the techniques we examine, some systems may be able to reduce average unavailability by as much as one or two orders of magnitude. 相似文献
10.
Yixin Jiang Chuang Lin Hao Yin Zhen Chen 《Wireless Communications and Mobile Computing》2008,8(1):101-112
IEEE 802.11 wireless local area networks (WLAN) has been increasingly deployed in various locations because of the convenience of wireless communication and decreasing costs of the underlying technology. However, the existing security mechanisms in wireless communication are vulnerable to be attacked and seriously threat the data authentication and confidentiality. In this paper, we mainly focus on two issues. First, the vulnerabilities of security protocols specified in IEEE 802.11 and 802.1X standards are analyzed in detail. Second, a new mutual authentication and privacy scheme for WLAN is proposed to address these security issues. The proposed scheme improves the security mechanisms of IEEE 802.11 and 802.1X by providing a mandatory mutual authentication mechanism between mobile station and access point (AP) based on public key infrastructure (PKI), offering data integrity check and improving data confidentiality with symmetric cipher block chain (CBC) encryption. In addition, this scheme also provides some other new security mechanisms, such as dynamic session key negotiation and multicast key notification. Hence, with these new security mechanisms, it should be much more secure than the original security scheme. Copyright © 2006 John Wiley & Sons, Ltd. 相似文献
11.
本文介绍了WLAN业务现状、业务认证方式及其应用情况,并对无感知WLAN认证的方式以及引入无感知认证方式后的业务推广进行了分析. 相似文献
12.
针对恶意APK文件泛滥问题,综合静态、动态安全检测和APK重签名技术,设计了一套安全的Android应用审核认证系统,它由基于Web应用的安全审核平台和智能终端APK安全认证模块构成。安全审核平台利用强健的调度子系统完成了批量APK应用的提交、安全检测、重签名、发布及统计查询功能,保证了发布到官方应用商城中APK的安全性;智能终端APK安全认证模块引入了新型的重签名技术,可有效判断APK应用是否由"官方"安全认证。由此可见,该系统从"源"(应用商城)到"端"(智能终端)保障了APK文件的安全。 相似文献
13.
This paper describes a new mobile authentication method which is based on an Open ID Connect standard and subscriber identity module card. The proposed solution enables users to access websites, services and applications without the need to remember passwords, responses or support of any equipment. The proposed method is evaluated from the users’ perspective as well as from the security viewpoint. Moreover, we compare it with the two most popular existing authentication schemes i.e. static passwords and SMS OTP (one time password). In order to evaluate user’s view on various authentication methods a questionnaire was prepared and distributed among 40 participants. Obtained results revealed that the new authentication scheme yielded better results than the existing methods. Finally, we also performed a security analysis with respect to all abovementioned authentication solutions to assess whether there are any major risks related to the proposed method. 相似文献
14.
15.
Weaknesses in an anonymous authentication scheme for roaming service in global mobility networks 总被引:2,自引:0,他引:2
《Communications Letters, IEEE》2009,13(7):471-473
Recently, Chang, Lee, and Chiu proposed an enhanced anonymous authentication scheme which permits mobile users to anonymously enjoy roaming service in global mobile networks. In this letter, we show that their scheme fails to achieve the anonymity by providing four attack strategies. Moreover, we show that anyone can recover a mobile user?s session keys by using the identity of the mobile user. Hence, Chang et al.'s scheme cannot provide secure key establishing service since an adversary can recover the identity of a mobile user by performing one of our attacks. 相似文献
16.
Thomas Kothmayr Corinna Schmitt Wen Hu Michael Brünig Georg Carle 《Ad hoc Networks》2013,11(8):2710-2723
In this paper, we introduce the first fully implemented two-way authentication security scheme for the Internet of Things (IoT) based on existing Internet standards, specifically the Datagram Transport Layer Security (DTLS) protocol. By relying on an established standard, existing implementations, engineering techniques and security infrastructure can be reused, which enables easy security uptake. Our proposed security scheme is therefore based on RSA, the most widely used public key cryptography algorithm. It is designed to work over standard communication stacks that offer UDP/IPv6 networking for Low power Wireless Personal Area Networks (6LoWPANs). Our implementation of DTLS is presented in the context of a system architecture and the scheme’s feasibility (low overheads and high interoperability) is further demonstrated through extensive evaluation on a hardware platform suitable for the Internet of Things. 相似文献
17.
Qing Qian Hongxia Wang Xingming Sun Yunhe Cui Huan Wang Canghong Shi 《Telecommunication Systems》2018,67(4):635-649
With the rapid development of Internet, it brings a lot of conveniences. However, the data transmission and storage are faced with some security issues that seem to be obstacles to overcome, such as privacy protection and integrity authentication. In this paper, an efficient speech watermarking algorithm is proposed for content authentication and recovery in encrypted domain. The proposed system consists of speech encryption, watermark generation and embedding, content authentication and recovery. In the encryption process, chaotic and block cipher are combined to eliminate the positional correlation and conceal the statistical feature. In the watermark embedding process, approximation coefficients of integer wavelet transform are used to generate watermark and the detail coefficients are reserved to carry watermark. Theoretical analysis and simulation results show that the proposed scheme has high security and excellent inaudibility. Compared with previous works, the proposed scheme has strong ability to detect de-synchronization attacks and locate the corresponding tampered area without using synchronization codes. Meanwhile, the selective encryption will not influence the selective watermarking operation. Similarly, the operation of watermarking will not affect the decryption of the encrypted speech. Additionally, the tampered samples can be recovered without any auxiliary watermark information. 相似文献
18.
近场无线通信(NFC)是一种已经被广泛应用的短距无线通信技术.其中最常见的是将NFC技术应用于移动支付和门禁访问控制等应用.从技术上讲,这些应用利用NFC模拟卡模式将NFC设备模拟成银行卡或门禁卡,然后等待外部阅读器验证.在这类应用场景下,选取合适的安全认证方案是非常重要的.首先,介绍了现有的NFC认证系统和安全方案并分析了系统安全需求和潜在的安全风险.然后,采用Hash、AES和口令Key动态更新机制,提出了一种适用于NFC移动设备的双向认证安全方案,并设计了自同步机制.最后,利用GNY逻辑以形式化证明的形式证明了方案的安全性,分析表明该方案能解决伪造、重放攻击、窃听、篡改、异步攻击等安全问题. 相似文献
19.
20.
认证技术是建立电子商务安全交易系统必不可少的基本组成部分。文中分析了电子商务的网络设施不完善、信用问题及交易安全问题等存在的安全隐患,同时介绍了电子商务安全交易中常用的身份认证技术和信息认证技术,并分析认证技术如何确保电子商务信息机密性和完整性,从而为电子商务的信息安全提供理论基础。 相似文献