共查询到20条相似文献,搜索用时 140 毫秒
1.
2.
1Cisco路由器口令的类别(1)有效密码口令(enabledsecretpassword):是一种安全级别最高的加密口令 ,适用于CiscoIOS10.3(2)以后的版本 ,在路由器的配置表中以加密的形式出现。(2)有效口令(enabledpassword):安全级别次高的非加密口令 ,当有效密码口令未设置时 ,使用该口令。(3)终端口令(consolepassword) :用于防止非法或未授权用户修改路由器配置 ,在用户通过主控终端对路由器进行设置时使用该口令。2路由器口令恢复原理(1)Cisco路由器… 相似文献
3.
针对车联网云环境的不可信任,数据种类和数据访问用户身份复杂,访问内容多样化,以及数据所有者与数据使用者之间多对多等特点,改进CP-ABE安全算法,提出了适合车联网的云端数据安全访问控制方案(DAC-VCS)。该方案中,设置属性管理机构,根据合法用户的角色和身份为其赋予一个属性集,并利用该属性集产生用户的访问私钥;数据所有者对要上传的数据用允许访问的用户属性为加密式样,进行加密;并生成可访问数据的用户列表,将两者一起发送到云端存储。当用户访问云中数据时,首先判断用户是否位于访问列表中,如果用户在列表中且访问私钥中的属性集满足数据加密时采用的加密式样,云端将为用户生成解密口令,并将解密口令和密文一起发给用户。用户利用解密口令即可解密密文,获得自身所要的数据内容。通过这种双层保护,保障了云中数据的访问安全性,降低了所使用的云存储空间并且加解密效率得到大幅度提高。 相似文献
4.
一、Cisco路由器口令类别1.有效密码口令(enabled secret password): 是一种安全级别最高的加密口令,适用于Cisco IOS 10.3 (2) 以后的版本,在路由器的配置表中以密码的形式出现。 2.有效口令(enabled password):安全级别次高的非加密口令。当有效密码口令没设置时,使用该口令。3.终端口令(console password):用于防止非法或未授权用户修改路由器配置,在用户通过主控终端对路由器进行设置时,使用该口令。二、口令恢复原理:1.内部内存种类(以2500系列为例)。Cisco 路由器保存了几种不同的配置参数,并存放在不同的内存模块中。Cisco2500系列路由器的内存:ROM、闪存(flash memory)、不可变RAM(NVRAM)、RAM和动态内存(DRAM)等五种。作用如下:一般地,路由器启动时,首先运行ROM中的程序,进行系统自检及引导,然后运行FLASH中的IOS ,并在NVRAM中寻找路由器配置,并装入DRAM中。2.口令恢复的关键在于对配置登记码(Configuration Register Value)进行修改,从而让路由器从不同... 相似文献
5.
口令猜测攻击是一种最直接的获取信息系统访问权限的攻击,采用恰当方法生成的口令字典能够准确地评估信息系统口令集的安全性。该文提出一种针对中文口令集的口令字典生成方法(CSNN)。该方法将每个完整的汉语拼音视为一个整体元素,后利用汉语拼音的规则对口令进行结构划分与处理。将处理后的口令放入长短期记忆网络(LSTM)中训练,用训练后的模型生成口令字典。该文通过命中率实验评估CSNN方法的效能,将CSNN与其它两种经典口令生成方法(即,概率上下文无关文法PCFG和5阶马尔可夫链模型)对生成口令的命中率进行实验对比。实验选取了不同规模的字典,结果显示,CSNN方法生成的口令字典的综合表现优于另外两种方案。与概率上下文无关文法相比,在猜测数为107时,CSNN字典在不同测试集上的命中率提高了5.1%~7.4%(平均为6.3%);相对于5阶马尔可夫链模型,在猜测数为8×105时,CSNN字典在不同测试集上的命中率提高了2.8%~12%(平均为8.2%)。 相似文献
6.
重同步问题是一次性口令(One—Time Password,OTP)系统中的关键环节。传统的身份认证采用静态口令,但是静态口令一旦被截获,就会被他人利用。针对静态口令的缺点,一种常见的解决方法就是采用一次性口令来实现身份认证。目前流行的一次性口令系统是S/KEY结构。在S/KEY体系结构中,任何一个密码不能被重复使用。同时,已经使用过的密码序列不能为新生成的密码提供任何有用的信息。文中在分析一次性口令重同步原理的基础上,提出了一种基于一次性口令之间无相关性的重同步方法。实验表明,该方法可以在安全、高效的前提下很好地解决一次性口令的重同步问题。 相似文献
7.
8.
9.
10.
提出一种支持直接撤销的属性基加密方案,首先给出支持直接撤销的属性基加密定义和安全模型,其次给出具体的支持撤销的密文策略——属性基加密方案并对安全性进行证明,最后,与其他方案对比显示,该方案在密文和密钥长度方面都有所减少。该方案可以实现对用户进行即时撤销,当且仅当用户所拥有的属性满足密文的访问结构且不在用户撤销列表内时,才能使用自己的私钥解密出明文。 相似文献
11.
Iuon‐Chang Lin 《International Journal of Communication Systems》2008,21(4):435-445
Authenticating the legitimacy of a remote user is an important issue in modern computer systems. In this paper, a neural network system for authenticating remote users is presented. The benefits of the proposed scheme include that (1) it is suitable for multi‐server environment; (2) it does not maintain a verification table; (3) users can freely choose their password; and (4) it can withstand replay attack, off‐line password guessing attack, and privileged insider attacks. Furthermore, some drawbacks, such as the users who choose the same passwords will have the same identities and unavailability for evicting a user from the system, will also be eliminated. Copyright © 2007 John Wiley & Sons, Ltd. 相似文献
12.
13.
14.
Cryptanalysis of a dynamic identity‐based remote user authentication scheme with verifiable password update
下载免费PDF全文
![点击此处可从《International Journal of Communication Systems》网站下载免费的PDF全文](/ch/ext_images/free.gif)
Xiong Li Jianwei Niu Junguo Liao Wei Liang 《International Journal of Communication Systems》2015,28(2):374-382
In the authentication scheme, it is important to ensure that the user's identity changed dynamically with the different sessions, which can protect the user's privacy information from being tracked. Recently, Chang et al. proposed an untraceable dynamic identity‐based remote user authentication scheme with verifiable password update. However, our analysis show that the property of untraceability can easily be broken by the legal user of the system. Besides, we find the scheme of Chang et al. vulnerable to offline password guessing attack, impersonation attack, stolen smart card attack, and insider attack. Copyright © 2013 John Wiley & Sons, Ltd. 相似文献
15.
网络一次一密口令的提出,可以较好地克服现行口令机制的缺陷,论文在已有模型的基础上,提出了由服务器端动态分配系统时间,实现整体网络用户口令的一次一密;同时系统初始化密码和用户口令密码分离,兼顾了系统口令的安全性与用户口令的简便性。模型对穷举攻击等也有极好的防御能力。 相似文献
16.
安全口令生成器的设计与实顼 总被引:1,自引:0,他引:1
基于口令的安全机制经常被应用到操作系统用户登录、个人电子账户、文档数据加密等各种信息系统中,用来保证账户的安全和用户信息的机密性。论文采用“字符摘取扩展变换”方法设计与实现了一种安全口令生成器,在保证用户方便记忆口令串的同时得到复杂高强度的口令串,从而提高了用户信息系统口令认证体制的密码安全。 相似文献
17.
18.
Design and Validation of an Efficient Authentication Scheme with Anonymity for Roaming Service in Global Mobility Networks 总被引:1,自引:1,他引:0
Daojing He Sammy Chan Chun Chen Jiajun Bu Rong Fan 《Wireless Personal Communications》2011,61(2):465-476
Designing a user authentication protocol with anonymity for the global mobility network (GLOMONET) is a difficult task because
wireless networks are susceptible to attacks and each mobile user has limited power, processing and storage resources. In
this paper, a secure and lightweight user authentication protocol with anonymity for roaming service in the GLOMONET is proposed.
Compared with other related approaches, our proposal has many advantages. Firstly, it uses low-cost functions such as one-way
hash functions and exclusive-OR operations to achieve security goals. Having this feature, it is more suitable for battery-powered
mobile devices. Secondly, it uses nonces instead of timestamps to avoid the clock synchronization problem. Therefore, an additional
clock synchronization mechanism is not needed. Thirdly, it only requires four message exchanges between the user, foreign
agent and home agent. Further, the security properties of our protocol are formally validated by a model checking tool called
AVISPA. We also demonstrate that this protocol enjoys important security attributes including prevention of various attacks,
single registration, user anonymity, no password table, and high efficiency in password authentication. Security and performance
analyses show that compared with other related authentication schemes, the proposed scheme is more secure and efficient. 相似文献
19.
Neng-Wen Wang Han-Chieh Chao Ing-Yi Chen Yueh-Min Huang 《Telecommunication Systems》2010,44(3-4):181-190
Due to the explosive growth of the Internet and the pervasion of multimedia, protection of intellectual property (IP) rights of digital content in transactions induces people’s concerns. Current security requirements and copyright protection mechanisms especially need to work in real-time and on-line for communication and networking. For media service systems in the Internet, user’s authentication is most essential in association with the access control of the media system. The authentication scheme is a trivial but crucial issue for maintaining user’s information. Up to now, many one-time password-based authentication schemes have been proposed. However, none is secure enough. The purpose of a one-time password (OTP) is to make it more difficult to gain unauthorized access to restricted resources. Traditionally static passwords can more easily be obtained by an unauthorized intruder given enough attempts and time. By constantly altering the password, as is done with a one-time password, this risk can be greatly reduced. These schemes are specially fit for media services in the Internet since they will frustrate the attacker’s attempt. Lin, Shen and Hwang proposed a strong-password authentication scheme in association with one-time password by using smart cards, and claimed their scheme can resist guess attack, replay attack, impersonation attack and stolen attack. Later, Ku, Tsai, and Chen showed that Lin-Shen-Hwang’s scheme suffers from a replay attack and a denial-of-service attack. Furthermore, Ku proposed a hash-based strong-password authentication scheme to enhance the security. In this paper, we show the weaknesses and devise some attacks against Ku’s scheme. Then, we revise Ku’s scheme and propose a novel user’s authentication scheme in pervasive on-line media services for current communication and networking. 相似文献