基于MAC地址控制的多模式智能认证系统的设计与实现
发布时间:2019-01-09 05:34
【摘要】:为解决局域网自身的共享性带来的安全缺陷,安全认证技术得以不断发展。随着用户的组网需求越来越多样化,一个网络中需要同时支持多种认证方式的应用场景越来越多。此外,,MAC地址是能够惟一标识主机的属性之一,再加上基于MAC地址控制在实现上的灵活性、低成本等优点,基于MAC地址控制的方式逐渐在认证领域得到广泛应用。本文正是基于MAC地址控制技术,兼顾多种认证技术共存,实现了一种多工作模式的智能认证系统。 论文首先分析了802.1x认证协议和MAC地址认证技术,针对现存技术对两种认证共存时采取的必须牺牲其中一种认证的缺陷进行了详细阐述。在此基础上,按照模块化的思想在路由器上实现了智能认证系统,并为该系统划分了5种工作模式,并结合实现过程中的函数接口、状态机等详细阐明了系统的每个模块针对这些工作模式的具体实现。 本文最后还按照智能认证系统的设计测试需求,根据各个工作模式下的测试点,搭建实验环境对智能认证系统进行系统测试,主要包括各个工作模式的使能或禁止、流程测试、性能点测试等。经过详尽的测试,验证得到本论文实现的基于MAC地址控制的多模式智能认证系统工作正常,满足设计要求。
[Abstract]:In order to solve the security defect caused by the sharing of LAN itself, security authentication technology has been continuously developed. With the increasing diversity of users' network requirements, there are more and more applications in a network that need to support multiple authentication methods at the same time. In addition, MAC address is one of the attributes that can uniquely identify the host. In addition, because of the flexibility and low cost of implementation based on MAC address control, the method of address control based on MAC has gradually been widely used in the field of authentication. In this paper, an intelligent authentication system based on MAC address control technology and multiple authentication technologies is implemented. Firstly, the 802.1x authentication protocol and the MAC address authentication technology are analyzed, and the defects that must be taken to sacrifice one of them are described in detail in view of the existing technologies. On this basis, the intelligent authentication system is implemented on the router according to the modularization idea, and the system is divided into five working modes, which are combined with the function interface in the process of implementation. The state machine and so on elaborated each module of the system to these working modes the concrete realization. Finally, according to the design and test requirements of the intelligent authentication system, according to the test points under each working mode, the paper builds an experimental environment to test the intelligent authentication system, mainly including the enabling or banning of each working mode, flow testing. Performance point test, etc. After detailed testing, it is verified that the multi-mode intelligent authentication system based on MAC address control works normally and meets the design requirements.
【学位授予单位】:西安电子科技大学
【学位级别】:硕士
【学位授予年份】:2014
【分类号】:TP393.1
[Abstract]:In order to solve the security defect caused by the sharing of LAN itself, security authentication technology has been continuously developed. With the increasing diversity of users' network requirements, there are more and more applications in a network that need to support multiple authentication methods at the same time. In addition, MAC address is one of the attributes that can uniquely identify the host. In addition, because of the flexibility and low cost of implementation based on MAC address control, the method of address control based on MAC has gradually been widely used in the field of authentication. In this paper, an intelligent authentication system based on MAC address control technology and multiple authentication technologies is implemented. Firstly, the 802.1x authentication protocol and the MAC address authentication technology are analyzed, and the defects that must be taken to sacrifice one of them are described in detail in view of the existing technologies. On this basis, the intelligent authentication system is implemented on the router according to the modularization idea, and the system is divided into five working modes, which are combined with the function interface in the process of implementation. The state machine and so on elaborated each module of the system to these working modes the concrete realization. Finally, according to the design and test requirements of the intelligent authentication system, according to the test points under each working mode, the paper builds an experimental environment to test the intelligent authentication system, mainly including the enabling or banning of each working mode, flow testing. Performance point test, etc. After detailed testing, it is verified that the multi-mode intelligent authentication system based on MAC address control works normally and meets the design requirements.
【学位授予单位】:西安电子科技大学
【学位级别】:硕士
【学位授予年份】:2014
【分类号】:TP393.1
【参考文献】
相关期刊论文 前10条
1 朱锋;;试谈Mac地址认证[J];电脑编程技巧与维护;2011年10期
2 李典驹;;802.1x协议在企业内部网的应用探讨[J];电脑知识与技术(学术交流);2007年15期
3 李小雪;吴中福;钟将;李国柱;;数字化校园中统一身份认证系统研究[J];计算机应用;2008年05期
4 吴仁树;;基于校园网IP-MAC绑定管理平台的设计与实现[J];科技信息(科学教研);2008年21期
5 王亮;;基于802.1x协议实现内网主机安全接入控制系统[J];科技信息;2011年36期
6 弓有辉;;浅谈以太网中MAC地址与IP地址的关系[J];信息技术;2013年08期
7 乔森;;以太网中MAC地址的研究[J];软件导刊;2010年02期
8 牛晓妍;薛峗;;基于MAC地址的Radius认证在Linux下的实现[J];山西农业大学学报(自然科学版);2009年05期
9 罗冠洲;葛春宇;吴U
本文编号:2405201
本文链接:https://www.wllwen.com/guanlilunwen/ydhl/2405201.html
