摘要
随着网络技术的发展,传统的静态密码身份认证方案已不能给电子商务活动提供足够的保护.描述了动态口令技术的原理,分析了硬件和软件实现动态口令的利弊,设计了一种基于客户端MAC地址的动态口令认证协议,并在此基础上论述了系统方案的实施流程、总体设计和认证过程.最后进行了安全性分析并提出了相应的提高安全性的措施.分析表明,该方案具有适用面广、安全性高、使用方便和系统成本低的特点.
With the development of Internet technology, the traditional static password based on authentication solutions is no longer an adequate protection scheme to serious enterprise applications. In this article, the principle of dynamic password technology is described and the pros and cons of implementing dynamic password technology by software and hardware are analyzed as well. A dynamic password authentication protocol based on MAC Address of client is designed. According to this protocol, the system architecture, authentication processes and safety measures are described and its security is analyzed as well. The analysis indicates that this system features high security and wide application. It can be conveniently used and implemented in low cost.
出处
《计算机系统应用》
2014年第8期158-162,共5页
Computer Systems & Applications
基金
浙江省大学生科技创新计划(新苗人才计划)(2013R413034)
广东省自然科学基金(10151027501000061)
关键词
动态口令
身份认证
软件口令牌
MAC地址
dynamic password
identity authentication
software token
MAC address