电力企业内部RSA双因素身份认证建设

The Electric Power Enterprise RSA Double Factor Authentication System Construction

针对目前电力系统网络设备与主机系统在身份认证过程中采用静态口令存在安全风险因素,介绍了RSA双因素身份认证体系,网络与信息管理员根据管理规范向用户发放单独的认证设备,初次使用设备时设定个人码(PIN码),使用时将用户的个人码与令牌码组合,形成双因素认证,通过统一时间同步服务器保证在相同的时间内令牌和认证服务器产生具有相同的令牌码,确保合法用户访问网络设备与主机资源。

In view of the present electric power system network equipment and the host computer system in authentication process using a static password,the existence of security risk factors,introduces the RSA double factor identity authentication system,network and information based management standards to issue separate user authentication apparatus,the initial use of equipment set personal code（PIN code）,when in use,the user＇s personal code and token code combination,formed two factor authentication;time synchronization server to ensure at the same time the token and the authentication server generates has the same token code,ensure the legitimate user access network equipment and host resource.