摘要
网络信息安全技术的发展,使得单一的用户口令(PIN)认证方式认证强度已经不能满足用户的安全要求.本文分析了单一认证的弱安全性,结合PKCS 11标准和J2EE平台的EJB组件技术,设计并实现了基于用户口令(PIN)认证和硬件USBKey数字证书身份认证的双重因素认证系统.在所建系统模型基础上,重点构建了双因素认证系统的安全认证协议和签名、认证算法.最后的测试结果显示,在与单一认证系统性能相近的基础上,安全性较高.
Along with the development of network information security technology, authentication with single Personal Identity Number (PIN) becomes unsafe. In this paper,the insecurity of single PIN was analyzed. Then, a dual factor authentication system was designed. It combined Public Key Cryptography Standards 11(PKCS 11) with FAB component technology on the basis of PIN and UsbKey digital certificate. On the system model,the secure authentication protocol and algorithms were particularly designed and implemented. Finally,the test results show that its performance of security is stronger than the single PIN system with the similar performanee of system capability.
出处
《厦门大学学报(自然科学版)》
CAS
CSCD
北大核心
2007年第1期43-46,共4页
Journal of Xiamen University:Natural Science
基金
国家自然科学基金(60373077)
厦门大学985二期信息创新平台项目资助
