基于公钥加密的联通安全认证系统设计与实施

发布时间：2018-04-10 22:52

  本文选题：联通 + 密码钥匙　； 参考：《电子科技大学》2014年硕士论文

【摘要】：近年来,随着信息技术的发展,安全问题已经越来越受到大家的重视,渗透到各个领域和行业,其中联通等电信行业也不例外。怎样保证信息系统的安全也成研究热点,建立联通安全认证系统非常必要。本文通过对联通现有状况进行分析,并结合现有技术讨论,这些技术包括密码体制、密码钥匙、安全认证、PKI、基于身份的公钥认证,得出现在系统存在的问题。并在此基础上,对系统的用户管理、应用服务管理认证管理等功能需求分析。在非功能模块中,对齐安全性、可靠性、扩展性进行分析。并根据分析结果搭建系统合理总体结构及层次架构,对上述功能模块进行详细介绍,如用户管理、密码钥匙管理、认证管理等的设计。针对整个系统,对系统进行部署,提供具体的搭建方案和设备,确定整个系统的实际模型。再针对设计好的认证系统,进行应用扩展,将此安全认证系统应用宽带漫游认证和远程办公中。并在两个应用中讲述了现阶段存在的不足和实现方法,设计了认证的体系结构和工作流程,通过远程控制功能提供了客户端软件智能升级、应用自动推送和密码钥匙解锁,方便客户使用,降低了维护成本。对最,后对本文进行总结,提出现有问题并对未来进行展望,得出系统需要进一步扩展,密码还需要向RSA2048位密钥或者改用192位以上的ECC算法扩展。经设计论证此认证安全认系统搭建合理、安全可靠,取得了预期的效果,满足联通安全认证系统的需求。
[Abstract]:In recent years, with the development of information technology, security issues have been paid more and more attention to, infiltrating into various fields and industries, including Unicom and other telecommunications industry is no exception.How to ensure the security of information system is also a hot topic. It is very necessary to establish the security authentication system of Unicom.This paper analyzes the current situation of Unicom and discusses the existing technologies, which include cryptography, cryptographic keys, security authentication PKI, identity-based public key authentication, and obtains the existing problems of the present system.On this basis, the system user management, application service management certification management and other functional requirements.In non-functional module, analyze the security, reliability and expansibility.According to the analysis results, the reasonable overall structure and hierarchical structure of the system are built, and the above function modules are introduced in detail, such as the design of user management, password key management, authentication management and so on.Aiming at the whole system, the system is deployed, the concrete construction scheme and equipment are provided, and the actual model of the whole system is determined.Then the security authentication system is applied to broadband roaming authentication and telecommuting.In the two applications, the shortcomings and implementation methods are described, the system structure and workflow of authentication are designed, the intelligent upgrade of client software is provided by remote control function, the application of automatic push and password key is unlocked.It is convenient for customers to use and reduces the cost of maintenance.Finally, this paper summarizes the existing problems and prospects for the future. It is concluded that the system needs further expansion, and the cryptography needs to be extended to the RSA2048 bit key or to the ECC algorithm with more than 192-bit bit.It is proved by design that the system is reasonable, safe and reliable, and the expected effect is obtained, which meets the requirement of Unicom security authentication system.
【学位授予单位】：电子科技大学
【学位级别】：硕士
【学位授予年份】：2014
【分类号】：TP311.52;TN918.4
，

本文编号：1733290