| SSL VPN中基于Cookie技术的可靠认证方案 |
| |
| 引用本文: | 黄东.SSL VPN中基于Cookie技术的可靠认证方案[J].测控技术,2013,32(7):83-86. |
| |
| 作者姓名: | 黄东 |
| |
| 作者单位: | 宜宾学院计算机与信息工程学院,四川宜宾,644007 |
| |
| 基金项目: | 四川省宜宾市宜宾学院校基金资助项目 |
| |
| 摘 要: | 针对安全套接层协议的虚拟专用网络SSL VPN网关的特点,提出一种基于Cookie技术的可靠认证方案,该方案中Cookie采用加密技术,攻击者无法伪造和篡改数据;此外,方案采用基于Hash和链表的数据结构,结合安全Cookie协议,不仅对内部站点的信息进行隐藏,还实现了对用户信息的认证和授权.同时,提出基于角色的访问控制模型,通过职责分离和最小特权的原则来满足SSL VPN访问控制的要求.该方案对于身份认证来说是一种很好的扩充,可以有效加强SSL VPN网关的安全性.实验测试验证了该安全认证方案的可行性和可靠性.
|
| 关 键 词: | 安全套接层协议 虚拟专用网络 认证方案 Cookie技术 |
Authentication Scheme Based on Cookie Technology in SSL VPN |
| |
| HUANG Dong.Authentication Scheme Based on Cookie Technology in SSL VPN[J].Measurement & Control Technology,2013,32(7):83-86. |
| |
| Authors: | HUANG Dong |
| |
| Abstract: | A security authentication scheme based on Cookie technology for the characteristics of SSL VPN gateway is proposed.The data can not be forged and tampered by attackers as Cookie in the scheme used encryption technology.In addition,the scheme uses a data structure based on Hash and linked lists,as well as secure Cookie protocol,which not only hides information of the internal site,but also achieves the authentication and authorization of user information.Meanwhile,a role based access control model is proposed,which meets the requirements of SSL VPN access control with the principle of duty separation and least privilege.The scheme is a good extension for authentication and effectively enhances the security of SSL VPN gateway.The experimental test results show that the security authentication scheme is feasible and reliable. |
| |
| Keywords: | secure sockets layer(SSL) virtual private network(VPN) authentication scheme Cookie technology |
| 本文献已被 万方数据 等数据库收录! |
| 点击此处可从《测控技术》浏览原始摘要信息 |
|
点击此处可从《测控技术》下载全文 |
|
