摘要
静态身份认证系统以明文形式进行消息交换,数据采集系统采用此认证方式,用户口令极易被窃取和泄漏,为提高数据采集系统的安全性,针对数据采集系统的特点,设计了一个基于"挑战/应答"的动态口令身份认证系统,并研究了动态口令技术,对当前数据采集系统的安全风险进行了分析以及对系统的结构组成和功能进行了阐述,并对系统的安全性进行了剖析。该系统克服了传统口令认证容易被窃取的弱点,解决了企业数据采集系统的用户身份认证的安全问题。
Data acquisition system uses the static authentication system to authentication,the password may be easily stolen and leaked.Aiming at improving the security of the data acquisition system and contraposing the features of the data acquisition system,it designs a dynamic password authentication system based on "Challenge/Response",describes the dynamic password technology and analyzes the current security risks of the data acquisition system,illustrates the composition and functions of the system,constructs the security of the system.This system overcomes the weaknesses of the traditional password authentication and solves the security issues of identity authentication.
基金
国家自然科学基金资助项目(61003211)
关键词
动态口令技术
安全风险
口令认证
Dynamic Password Technology
Security Risk
Password Authentication