检索规则说明:AND代表“并且”;OR代表“或者”;NOT代表“不包含”;(注意必须大写,运算符两边需空一格)
检 索 范 例 :范例一: (K=图书馆学 OR K=情报学) AND A=范并思 范例二:J=计算机应用与软件 AND (U=C++ OR U=Basic) NOT M=Visual
名 称:
注 释:
作 者:许正伟[1] 程晓荣[1] 王翠茹[1] 马慧敏[1]
机构地区:[1]华北电力大学计算机科学与技术学院,河北保定071003
出 处:《微机发展》2004年第6期109-110,114,共3页Microcomputer Development
摘 要:随着网络应用的不断发展,网络安全问题也变得越来越重要,用户认证机制是安全防护机制之一,认证信息可以用来认证需访问系统的请求用户的合法性。文中分析了无须第三方认证的"一次性口令(OTP)"技术及其存在的安全漏洞,结合Kerberos认证机制优点,提出了将用户的通行密语用服务器的公钥加密后保存在数据库中,并在服务器种子信息中加入时间戳和服务器IP地址的改进OTP技术,提高了认证系统的安全性。With the continuous development of network application, the problem of network security has become more and more important. Authentication is one of the mechanisms in security defence, and the authentication information is used to verify the user's legitimacy. The One_-Time Password(OTP) technique which needs no third authentication and its security flaws are analyzed in this paper. With the advantages of the Kerberos system, presents a new technique which saves user spp in the database after it is encrypted with the server's public key. Timestamp and IP address are also added into seed information, which makes an improvement in OTP technique. And the security of authentication system has been developed.
分 类 号:TP393.08[自动化与计算机技术—计算机应用技术]
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在链接到云南高校图书馆文献保障联盟下载...
云南高校图书馆联盟文献共享服务平台 版权所有©
您的IP:216.73.216.195