网络考核系统中的认证技术研究

Research of the Authentication in Computer Network Examination System

为了确保网络考核系统的安全运行以及考试的有效性,通过对网络考核系统结构的研究,分析了网络考核系统中存在的安全问题,讨论了考生身份识别的2种方式--通行字方式和持证方式的简单模型及其应用特点;基于可靠的安全和加密技术,提出考试服务器与考生的双向认证方案和考生答卷信息的消息认证方案,分析了他们的实施流程,实用效果良好.应用中可根据实际需要采用不同的方案.

In order to gurantee the safty of the computer network examination system and the validity of the examination, we analysis its security problems through the research on its architecture. We discuss the brief models and its characteristic of two modes of the examinee identification authentication-by pass and by token. We propose two schemes: the bilateral authentication between the server and examinee and the message authentication of the answer data of the examinee, then analysis their work flows. Their application effect is pretty well and can be adopted flexibly based on the practical demands.