摘要
可信网络连接规范从终端安全着手,通过一个开放的体系架构解决终端安全接入问题。但它只是一个框架性的概念,要想在二层设备上实现终端安全接入就必须通过802.1X协议来实现,而802.1X协议又是借助负载于二层的标准基于局域网的扩展论证协议(EAPOL)进行认证的。现通过扩展标准EAPOL,并将这种扩展应用于可信网络连接框架中,提出了一种实现二层设备安全接入的方法,同时该方法在某个接入系统中得到了实现。
TNC (Trusted Network Connect),starting from the terminal security and through an open frame,solves the problem of terminal security access.However,it is just a frame conception,and only by 802.1X protocol can the terminal security access based on 2nd-layer device be realized.802.1X protocol is a access method commonly-used by switch device,and carries out authentication through EAPOL on 2nd-layer device.The paper proposes a 2nd-layer security access method upon TNC framework,which is realized by expanding standard EAPOL.This method is successfully used in an actual security access system.
出处
《通信技术》
2010年第9期139-141,144,共4页
Communications Technology