[1]张建伟.基于统一身份认证平台的局域网安全设计[J].计算机技术与发展,2019,29(01):124-129.[doi:10. 3969 / j. issn. 1673-629X. 2019. 01. 026]
 ZHANG Jian-wei.Security Design of LAN Based on Unified IdentityAuthentication Platform[J].,2019,29(01):124-129.[doi:10. 3969 / j. issn. 1673-629X. 2019. 01. 026]
点击复制

基于统一身份认证平台的局域网安全设计()
分享到:

《计算机技术与发展》[ISSN:1006-6977/CN:61-1281/TN]

卷:
29
期数:
2019年01期
页码:
124-129
栏目:
安全与防范
出版日期:
2019-01-10

文章信息/Info

Title:
Security Design of LAN Based on Unified IdentityAuthentication Platform
文章编号:
1673-629X(2019)01-0124-06
作者:
张建伟
宝鸡文理学院 物理与光电技术学院,陕西 宝鸡,721016
Author(s):
ZHANG Jian-wei
School of Physics and Optoelectronic Technology,Baoji University of Arts and Sciences,Baoji 721016,China
关键词:
局域网 准入准出 统一身份认证 用户(角色)管理 认证过程 授权管理
Keywords:
LANaccess & exitunified identity authenticationuser (role) managementauthentication processauthorization management
分类号:
TN929.5
DOI:
10. 3969 / j. issn. 1673-629X. 2019. 01. 026
摘要:
对于局域网进行安全设计时首先要以提高网络系统安全性为目标,其次还要保证局域网上的应用系统的安全性满足相应标准.对服务器、个人终端、网络接入设备、防火墙在内的所有参与到局域网服务过程中的节点进行分析研究,判断出网络系统安全存在的薄弱点.在这其中,"准入准出"平台的设计和建立是首先要考虑的技术手段.基于"统一身份认证"这一普遍使用的"准入准出"技术,以宝鸡文理学院局域网网络安全设计和建设为实例,讨论统一身份认证技术在网络安全中的应用.首先研究了统一认证平台的设计思想和具体功能,在这一基础上,画出了该平台的体系架构图;然后分别从目录服务、用户(角色)管理、同步管理、认证过程和授权管理等五个方面详细阐述了统一认证平台的设计,为局域网在安全规划和设计方面提供了有益的参考.
Abstract:
For the safety design of LAN,we must first aim at improving the security of network system,and then ensure the security of application system on LAN to meet the corresponding standards. All nodes involved in the LAN service process,including servers,personalterminals,network access devices and firewalls,are analyzed,and the weakness of network security is judged. Firstly,the design and es-tablishment of the “access &exit” platform is to be considered. Taking the design and construction of LAN security in Baoji Universityof Arts and Sciences as an example,the application of unified identity authentication technology in network security is discussed. Firstly,the design idea and specific function of the unified authentication platform are studied. On this basis,the architecture diagram of the platform is drawn. Then,the design of unified authentication platform is elaborated from five aspects:directory service,user role manage-ment,synchronization management,authentication process and authorization management,which provides a useful reference for the LANin security planning and design.

相似文献/References:

[1]王昭宏 张秦艳.基于SMB的高清机顶盒局域网高速I/O技术研究[J].计算机技术与发展,2010,(03):159.
 WANG Zhao-hong,ZHANG Qin-yan.Study of SMB Protocol - Based High - speed I/O Technology for HD Set - top Box in LAN[J].,2010,(01):159.
[2]易法令 王同喜.基于SQL Server的LAN办公系统的开发应用[J].计算机技术与发展,2006,(01):167.
 YI Fa-ling,WANG Tong-xi.Development and Implementation of Local Area Network Office System Based on SQL Server[J].,2006,(01):167.
[3]梅凯珍 李永忠.基于过滤驱动的局域网透明文件安全加密方法[J].计算机技术与发展,2012,(04):238.
 MEI Kai-zhen,LI Yong-zhong.Transparent File Safety Encryption Method of Enterprise LAN Based on Filter Driver[J].,2012,(01):238.

更新日期/Last Update: 2019-01-10