摘要
随着Internet应用的快速发展,Web登录的安全问题变得日益重要。基于口令的Hash值比对是目前Web安全登录的普遍方法。针对用户在不同网站注册时,经常采用固定用户名和口令的习惯,提出一种结合目标网站URL的Hash口令安全登录方法,解决同口令脆弱性问题;为了保护用户口令信息不以任何形式,包括口令Hash值在网络上传输,提出一种全新的基于神经网络权值同步运算的动态口令登录方案。两种方案均采用ActiveX客户端控件实现,并通过Web口令登录测试,最后给出不同方案的性能和安全对比分析。
With the rapid development of Internet applications,security problems in Web logins become increasingly important.Comparison of password-based Hash code is the generally used secure Web login approach at present.In light of the case that the users are often used to use fixed usernames and passwords when registering different web sites,a secure Hash password login solution in combination with the destination URL is proposed to resolve the problem of passwords' frangibility.In addition,another novel solution based on weight synchronisation interaction of neutral networks is also presented in order to protect the information of users password,even if they are the password Hash code,from transferring between the client and the server in any form.Both solutions proposed in this paper have been implemented using controls at ActiveX client side,and have passed the login test with Web password.At the end,the comparitive analyses with regard to the performances and securities of the two different solutions are given as well.
出处
《计算机应用与软件》
CSCD
2011年第7期31-34,共4页
Computer Applications and Software
基金
国家自然科学基金项目(60773115)
