检索规则说明:AND代表“并且”;OR代表“或者”;NOT代表“不包含”;(注意必须大写,运算符两边需空一格)
检 索 范 例 :范例一: (K=图书馆学 OR K=情报学) AND A=范并思 范例二:J=计算机应用与软件 AND (U=C++ OR U=Basic) NOT M=Visual
名 称:
注 释:
出 处:《沈阳建筑大学学报(自然科学版)》2009年第6期1193-1197,共5页Journal of Shenyang Jianzhu University:Natural Science
基 金:辽宁省教育厅科学技术研究项目(2008607)
摘 要:目的解决基于802.1X协议认证环境下的用户非法接入问题,使全网认证用户可管理.方法从分析802.1X认证技术特点和非法用户通讯原理出发,利用认证服务器定期向认证用户发送UDP探测报文,根据客户端返回的ACK报文丢失率检测出提供非法服务主机.结果在以校园网为代表的高速以太网环境中,网络不发生大面积拥塞的前提下,实现非法接入用户的实时网络阻断与客户端信息保存,管理者可根据系统保存的用户记录采取相应处罚措施.结论提出的检测方法对802.1X环境下的非法用户检测具有良好的准确性和快捷性,对于实现IntranetAAA系统具有现实意义,充分保障了网络的认证安全与计费安全.In order to forbid the unauthorized users' access in 802.1X authentication environment and make all the users in intranet manageable, this paper offers a method by analyzing the principle of 802.1X technical features and the network communication of unauthorized users. The authentication server sends the clients UDP messages periodically and finds the computers which offer illegal services by calculating the loss rate of ACK messages from the clients. In the high-speed ethernet environment like campus network, under the condition that a serious congestion doesn't occur, this method can cut off the network of unauthorized user in real time and save information of the client. And the network administrator can give punishment according to the records in the system. The method is proved good performance during experiments and achieves the desired results. It also has practical significance to AAA system and ensures the security of network authentication and accounting.
分 类 号:TP393.1[自动化与计算机技术—计算机应用技术]
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在链接到云南高校图书馆文献保障联盟下载...
云南高校图书馆联盟文献共享服务平台 版权所有©
您的IP:216.73.216.30