Security Analysis and Improvement of EAP-TLS Protocol

Cited by: 2


Authors: 赵跃华 (Zhao Yuehua)[1], 钱强 (Qian Qiang)[1]

Affiliation: [1] School of Computer Science and Communication Engineering, Jiangsu University, Zhenjiang, Jiangsu 212000

Source: 《软件导刊》 (Software Guide), 2017, Issue 8, pp. 174-178 (5 pages)

Abstract: The potential of Wireless Local Area Network (WLAN) technology has driven the rapid development of wireless LANs. However, a WLAN is an open network and is therefore more exposed to security risks, the most typical being intrusion into wireless access points by unauthorized users. Establishing a secure and complete WLAN application environment is therefore particularly necessary and has important theoretical significance and application value. In the IEEE 802.1x authentication mode, the EAP-TLS protocol cannot provide two-way authentication between the client and the authentication system, which exposes it to man-in-the-middle and denial-of-service attacks. To address this defect, an identity ID mechanism is introduced on the key data frames of the EAP-TLS protocol to verify the source and authenticity of each data frame, and the key fields of all EAPOL frames transmitted between the client and the authentication system are encrypted to hide the data frame type, thereby effectively strengthening the EAP-TLS protocol's ability to resist attacks.

Keywords: IEEE 802.1x protocol; EAP-TLS protocol; DoS attack; information security

Classification number: TP309 [Automation and Computer Technology: Computer Systems Architecture]

 
