移动互联网环境下基于二维码的安全认证及应用研究
发布时间:2018-07-25 10:31
【摘要】:“无所不在的计算“是21世纪网络信息技术发展的趋势,移动互联网是该领域最具影响力的技术之一。随着移动互联网用户的日益增长,移动互联网的安全也受到越来越多的重视。QR码是二维码的一种,其作为移动互联网信息的传播载体,有着十分广泛的应用:从网页链接、身份信息等内容的传递到移动终端认证登录都有着QR码的身影。对于QR码而言,移动互联网开放式的传播环境会对其产生诸多威胁,QR码携带的敏感信息存在泄漏或被窃取的风险。因此,必须对QR码的传播安全进行保护;另外,对移动互联网中的各种服务来说,身份认证服务的安全性是最基本的,现有认证技术采用的较多方式是静态口令技术,这种方式存在一定的安全隐患,容易被盗取、撞库、猜测和穷举攻击。所以,设计一种较为安全的移动终端身份认证方案显得至关重要。论文以QR码作为研究对象入手,针对QR码在移动互联网中的传播安全及智能终端使用QR码进行认证登录的安全两个问题进行了研究分析。首先,分析总结了当前QR码传播过程中存在的一些安全问题,为避免现有安全问题所带来的威胁,提出了一种基于Z-映射的QR码加密机制,该机制利用混沌加密算法对QR码图像进行加密,从而保证QR码携带内容的安全性。通过实验验证和理论分析,该机制不仅可以有效保证QR码的传播安全,而且具有较高的可靠性和实用性。其次,研究分析了现有的移动终端身份认证技术和方案,总结了其中存在的一些问题;有别于常用的静态口令登录方式,提出了一种基于QR码的移动互联网智能终端身份认证方案,该方案综合了QR码、混沌加密、时间戳和双向认证等方式,增强了用户身份认证过程中信息的安全性。实验结果表明该方案有着较强的实用性。论文的研究工作表明,QR码加密机制能有效保护QR码所携带的信息内容,论文所设计的基于QR码的移动互联网智能终端身份认证方案具有较强的安全性和实用性。论文重点研究内容互相递进、补充,对保护移动互联网环境下智能终端的安全有一定的参考价值。
[Abstract]:Ubiquitous computing is the trend of the development of network information technology in the 21st century. Mobile Internet is one of the most influential technologies in this field. With the increasing of mobile Internet users, the security of mobile Internet is paid more and more attention to. QR code is a kind of QR code. As a carrier of mobile Internet information, it has a very wide application: link from web page. Identity information and other content to the mobile terminal authentication login have QR code figure. For QR codes, the open communication environment of mobile Internet will cause many threats to QR codes. The sensitive information carried by QR codes is at risk of being leaked or stolen. Therefore, the transmission security of QR code must be protected. In addition, the security of identity authentication service is the most basic for all kinds of services in the mobile Internet. There are some security risks in this way, easy to be stolen, hit the storehouse, guess and exhaustive attack. Therefore, it is very important to design a more secure mobile terminal authentication scheme. In this paper, QR code is taken as the research object, and two problems about the transmission security of QR code in mobile Internet and the security of authentication and login using QR code in intelligent terminal are studied and analyzed. Firstly, some security problems in the process of QR code propagation are analyzed and summarized. In order to avoid the threat brought by the existing security problems, a QR code encryption mechanism based on Z-mapping is proposed. This mechanism uses chaotic encryption algorithm to encrypt QR code image, so as to ensure the security of QR code carrying content. Through experimental verification and theoretical analysis, this mechanism can not only effectively guarantee the propagation security of QR code, but also has high reliability and practicability. Secondly, the existing mobile terminal identity authentication technology and scheme are studied and analyzed, and some problems are summarized, which are different from the usual static password login mode. A mobile internet intelligent terminal identity authentication scheme based on QR code is proposed. The scheme combines QR code, chaotic encryption, time stamp and bidirectional authentication to enhance the security of information in the process of user identity authentication. The experimental results show that the scheme has strong practicability. The research work of this paper shows that the encryption mechanism of QR code can effectively protect the information content carried by QR code. The scheme of mobile Internet intelligent terminal identity authentication based on QR code designed in this paper has strong security and practicability. This paper focuses on the content of each other, complementary to the mobile Internet environment to protect the security of intelligent terminals have a certain reference value.
【学位授予单位】:重庆邮电大学
【学位级别】:硕士
【学位授予年份】:2016
【分类号】:TP391.44;TP309
本文编号:2143550
[Abstract]:Ubiquitous computing is the trend of the development of network information technology in the 21st century. Mobile Internet is one of the most influential technologies in this field. With the increasing of mobile Internet users, the security of mobile Internet is paid more and more attention to. QR code is a kind of QR code. As a carrier of mobile Internet information, it has a very wide application: link from web page. Identity information and other content to the mobile terminal authentication login have QR code figure. For QR codes, the open communication environment of mobile Internet will cause many threats to QR codes. The sensitive information carried by QR codes is at risk of being leaked or stolen. Therefore, the transmission security of QR code must be protected. In addition, the security of identity authentication service is the most basic for all kinds of services in the mobile Internet. There are some security risks in this way, easy to be stolen, hit the storehouse, guess and exhaustive attack. Therefore, it is very important to design a more secure mobile terminal authentication scheme. In this paper, QR code is taken as the research object, and two problems about the transmission security of QR code in mobile Internet and the security of authentication and login using QR code in intelligent terminal are studied and analyzed. Firstly, some security problems in the process of QR code propagation are analyzed and summarized. In order to avoid the threat brought by the existing security problems, a QR code encryption mechanism based on Z-mapping is proposed. This mechanism uses chaotic encryption algorithm to encrypt QR code image, so as to ensure the security of QR code carrying content. Through experimental verification and theoretical analysis, this mechanism can not only effectively guarantee the propagation security of QR code, but also has high reliability and practicability. Secondly, the existing mobile terminal identity authentication technology and scheme are studied and analyzed, and some problems are summarized, which are different from the usual static password login mode. A mobile internet intelligent terminal identity authentication scheme based on QR code is proposed. The scheme combines QR code, chaotic encryption, time stamp and bidirectional authentication to enhance the security of information in the process of user identity authentication. The experimental results show that the scheme has strong practicability. The research work of this paper shows that the encryption mechanism of QR code can effectively protect the information content carried by QR code. The scheme of mobile Internet intelligent terminal identity authentication based on QR code designed in this paper has strong security and practicability. This paper focuses on the content of each other, complementary to the mobile Internet environment to protect the security of intelligent terminals have a certain reference value.
【学位授予单位】:重庆邮电大学
【学位级别】:硕士
【学位授予年份】:2016
【分类号】:TP391.44;TP309
【参考文献】
相关期刊论文 前10条
1 杨波;冯登国;秦宇;张英骏;;基于TrustZone的可信移动终端云服务安全接入方案[J];软件学报;2016年06期
2 张玉清;王晓菲;刘雪峰;刘玲;;云计算环境安全综述[J];软件学报;2016年06期
3 潘承恩;;云计算下的计算机网络安全问题[J];电子商务;2016年01期
4 廖伟文;;无线网络中的安全问题及防范[J];通讯世界;2016年01期
5 张小梅;龙虎;吴福生;;大数据环境下的网络信息加密与认证研究[J];凯里学院学报;2015年06期
6 孙语泽;迟嘉;胡亮;;一种基于DES加密算法的Adnroid平台与服务器通信加密的实现[J];东北师大学报(自然科学版);2015年03期
7 郭倩;陈广学;陈奇峰;;基于DCT-SVD的双QR码水印防伪算法[J];包装工程;2015年17期
8 肖本海;郑莹娜;龙建明;郭盼盼;;基于SHA512哈希函数和Rijndael加密算法QR二维码信息安全设计[J];计算机系统应用;2015年07期
9 王沂;韩广国;李慧智;;无线网络中可证安全的移动用户密钥交换协议[J];信息网络安全;2015年03期
10 刘成彦;刘天娇;林巧民;;基于PKI的认证机制在移动互联网中的应用研究[J];福建电脑;2014年11期
,本文编号:2143550
本文链接:https://www.wllwen.com/kejilunwen/ruanjiangongchenglunwen/2143550.html
