

Application Research Based on 802.1x Authentication Technology of Kerberos Protocol
摘要 为解决IEEE 802.1x网络接入控制和应用系统认证结合实现单点登录,兼容业界标准,减少对现有网络基础设施的影响,设计了一个使用Kerberos协议以验证用户身份的网络接入控制系统,称之Krb_1x认证系统,其客户端和认证服务器要支持Kerberos协议.文章具体介绍认证系统设计、系统工作机制和关键实现,并对方案进行分析. In order to resolve the IEEE 802.1x network access control and application systems integration to implement single sign-on authentication compatible with industry standards,and to reduce the existing network infrastructure's influence.Kerberos protocol is designed to verify user's network access control system termed Krb_1x certification system,where its client and the authentication server should support Kerberos protocol.Introduction of specific certification system design,system working mechanism,the key to implement,and program analysis are included in the paper.
作者 吴伟斌
出处 《泉州师范学院学报》 2010年第2期18-22,共5页 Journal of Quanzhou Normal University
关键词 KERBEROS协议 IEEE 802.1x 网络接入控制 单点登录 身份认证 Kerberos protocol IEEE 802.1x network access control single sign-on identity authentication
  • 引文网络
  • 相关文献


  • 1NEUMAN C,YU S T,HARTMAN S,et al.The Kerberos network authentication service (V5)[S/OL].(2005-07-01)http://www.ietf.org/rfc/rfc4120.txt.
  • 2ABOBA B,BLUNK L,VOLLBRECHT J,et al.Extensible authentication protocol (EAP)[S/OL].(2004-06-01) http,//www.ietf.org/rfc/rfc3748.txt.
  • 3ZRELLI S,SHINODA Y.EAP Fast re-authentication protocol[EB/OL].(2008-06-01) http://tools.ietf.org/html/draft-zrelli-eap-frap-04.
  • 4ZRELLI S.SHINODA Y Specifying Kerberos over EAP:towards an integrated network access and Kerberos single sign-on process[EB/OL].[2007-07-28] http://www.Jaist.Ac.Jp/~zrelli/.
  • 5ABOBA B,SIOMN D.EAP GSS authentication protocol[EB/OL].(2002-04-06) http://tools,ietf.org/html/draft-aboba-pppext-eapgss-12.
  • 6NEUMAN B C,TS'O T.Kerberos:an authentication service for computer networks[EB/OL].(1994-09-01) http,//gost.isi.edu/publications/kerberos-neuman-tso.html.
  • 7Institute of Electrical and Electronics Engineers.IEEE standards for local and metropolitan area networks:port based network access control,IEEE Std 802.1X-2004[S].New York:IEEE press,2004.
  • 8邱航,权勇.基于Kerberos的单点登录系统研究与设计[J].计算机应用,2003,23(7):142-144. 被引量:27
  • 9丁立新,赵曦滨,顾明.基于Kerberos的Web单点登录研究[J].计算机工程与应用,2005,41(14):124-126. 被引量:13
  • 10黄成哲,安波,韩中元.基于Kerberos认证系统的设计与实现[J].黑龙江工程学院学报,2004,18(4):45-48. 被引量:2


  • 1林晓东,杨义先,马严.网络安全关键技术的研究与进展[J].信息安全与通信保密,1997,19(2):41-46. 被引量:5
  • 2张焕国,覃中平.计算机安全保密技术的发展[J].交通与计算机,1996,14(1):2-6. 被引量:6
  • 3权勇 汪文勇 等.基于Kerberos的身份认证技术[J].计算机应用,2002,22:149-150.
  • 4Kohl J, Neuman C. The Kerberos Network Authentication Service[ S]. RFC1510, 1993.
  • 5Hursti J. Single sign-on[ M]. Helsinki University of Technology,1997.
  • 6Compaq Computer Corporation. Windows2000 Single sign on[ M].2001.
  • 7SteveBurnett StephenPaine.密码工程实践指南[M].北京:清华大学出版社,2001.155-156.
  • 8B Aboba,P Calhoun,S Glass et al. Criteria for Evaluating AAA Protocols for Network Access;Internet Engineering Task Force[S].RFC 2989,2000-11.
  • 9AndrewNash WilliamDuane CeliaJoseph.PKI公钥基础设施实现和管理电子安全[M].北京:清华大学出版社,2002.57-121,258-271.
  • 10Andreas Pashalidis ,Chris J Mitchell.A taxonomy of single sign-on systems[C].In:R Safavi-Naini,J Seberry eds.Proceedings of 8th Australasian Conference on the Information Security and Privacy,ACISP 2003 ,Wollongong, Australia,volume 2727 of Lecture Notes in Computer Science ,Springer-Verlag ,Berlin ,2003-07:249~264.



使用帮助 返回顶部