论文部分内容阅读
目的建立适应疾病预防控制机构网路环境特点的无线网络用户认证机制。方法以中国疾病预防控制中心(南纬路)无线网络用户认证系统部署为案例,分析目前采用的基于预共享秘钥的认证方式,发现现有认证机制中存在的不足,并针对问题提出改进优化方案。结果针对该区域无线覆盖面广,用户人群较复杂,致使整个内网资源无法得到很好管控的问题,调整了无线网络的认证方式,即内部员工采用802.1X或Web认证方式,访客用户采用二维码授权认证。实现了疾控中心网络的边界准入认证,保证了内网安全,并解决了无线网络共享密钥等问题带来的安全隐患和管理风险。结论本研究为复杂网络环境认证管理提供了一种切实可行的解决方案,更加有效地保障了疾病预防控制机构局域网用户的上网安全。
Objective To establish a wireless network user authentication mechanism adapted to the network environment characteristics of CDC institutions. Methods Taking the deployment of wireless network user authentication system in China CDC (Nanwei Road) as an example, the existing authentication methods based on pre-shared secret key were analyzed and the deficiencies in the existing authentication mechanism were found out. In addition, Program. The results of the wireless coverage area for the region, the user population is more complex, resulting in the entire network resources can not be well managed problems, adjust the wireless network authentication mode, that is, internal staff using 802.1X or Web authentication, guest users using two-dimensional Code authorized certification. It realizes the border access certification of the CDC network, ensures the security of the intranet and solves the security risks and management risks brought by the problems such as shared key of the wireless network. Conclusion This study provides a practical solution for the certification of complex network environments and more effectively protects the access control of LAN users in CDC.