无线局域网的安全策略研究

针对无线局域网上资源面临的危险,标准的安全缺陷以及无线局域网欺诈、劫持等安全漏洞,提出了无线局域网的安全策略方案。在信息传输安全隐患上,通过数据加密和数据完整性校验就可以为无线局域网提供一个类似有线网的物理安全的保护。在网络标准上,一方面,可以采用新一代安全标准IEEE 802.11i,通过扩展认证协议EAP和3种加密机制(临时密匙完整性协议TKIP,以及基于高级加密标准AES的CCMP和WRAP)保障无线局域网的安全性;另一方面,采用中国无线局域网安全标准WAPI,通过公开密钥体制的椭圆曲线密码算法和秘密密钥体制的分组密码算法,实现了WLAN在多种安全机制下的兼容性。结果表明,以上针对无线局域网的安全策略,为提高无线局域网的相对安全性以及与其他网络实现互联互通提供了技术保障。

Security policy research of WLAN

As to the danger of the WLAN resources,the security defects of standards and the security flaw like WLAN cheat, WLAN hijack and so on ,this paper design a security policy study of WLAN is designed. For the safe leak of the information transmission, it can provide the physics security protection by means of data encryption and data integrity checkout. For the Web standards, on the one hand, it may adopt new safety standard IEEE 802.1 li to ensure the security of WLAN by means of extensible authentication protocol and three key encryptions. On the other hand, Wireless LAN Authentication and Privacy Infrastructure（WAPI） can achieve the compatibility under the various security mechanisms through elliptic curve cryptosystem of public key cryptosystem and the block cipher of private key cryptosystem. The results indicate that all above the security policy in view of WLAN provide the technical support for enhancing the relative security and actualizing Interconnection with other networks.