计算机工程 ›› 2007, Vol. 33 ›› Issue (21): 125-127.doi: 10.3969/j.issn.1000-3428.2007.21.044

• 安全技术 • 上一篇    下一篇

基于即时通信的安全保护策略

徐向阳1,韦昌法2   

  1. (1. 湖南大学计算机与通信学院,长沙 410082;2. 湖南中医药大学人文信息管理学院,长沙 410208)
  • 收稿日期:1900-01-01 修回日期:1900-01-01 出版日期:2007-11-05 发布日期:2007-11-05

Secure Protective Strategy Based on Instant Messaging

XU Xiang-yang1, WEI Chang-fa2   

  1. (1. College of Computer and Communication, Hunan University, Changsha 410082; 2. College of Humanity and Information Management, Hunan Traditional Chinese Medicine University, Changsha 410208)
  • Received:1900-01-01 Revised:1900-01-01 Online:2007-11-05 Published:2007-11-05

摘要: 分析了IM面临的主要安全威胁及其特点,阐述并借鉴了现有的解决方案,提出了一套即时通信(IM)安全保护策略,利用公钥基础设施机制、“安全套接字层”、CAPTCHA等技术,通过加密、签名、验证签名、解密、CAPTCHA验证和IM消息流量监控等方法,保障了IM的连接安全和数据交换安全,保护了IM系统的配置信息和通信记录,减轻了病毒和蠕虫的威胁。

关键词: 即时通信, 安全套接字层, 加密, 蠕虫

Abstract: This paper analyzes the main threats that instant messaging(IM) confronted, its characteristics, and solutions in existing applications, proposes a suit of strategies to secure IM. This paper introduces the public key infrastructure(PKI) mechanism into IM, adopting techniques such as security socket layer(SSL) and CAPTCHA, and methods such as encryption, signature, signature verification, decryption, CAPTCHA validation and IM message flux monitoring, so as to ensure the security of IM connections and data communications, protect the configurations and notes of IM system, and lighten viruses and worms threats.

Key words: instant messaging, security socket layer, encrypt, worm

中图分类号: