Abstract
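This paper proposes models for solving the security problems of the interconnected Internet/Intranet environment. For different Intranet network structures, it proposes applicable security models and designs the corresponding authentication and key distribution protocols, and it considers the security management of the protocols within the Open Systems Interconnection (OSI) architecture. The protocols use a layered mechanism: at the lower layer, a modified Kerberos protocol provides authentication and key distribution within the local area network, while the upper-layer inter-network authentication and key distribution protocols are designed with either a single-key (symmetric) cryptosystem or a public-key cryptosystem, depending on the requirements of the security model. The protocols can provide security protection for the various kinds of remote access on the Internet.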
In this paper, solutions to the security issues of the Internet/Intranet environment are proposed, and authentication and key distribution protocols are presented that can be incorporated into the OSI (Open System Interconnection) architecture. The protocols adopt a modified Kerberos authentication protocol at the lower sublayer, and authenticated key exchange protocols using a symmetric or asymmetric cryptosystem are designed at the upper sublayer for the different solutions. The protocols can be used for remote access applications and thus benefit the security management of Intranets.