计算机工程 ›› 2010, Vol. 36 ›› Issue (7): 147-149.doi: 10.3969/j.issn.1000-3428.2010.07.050

• 安全技术 • 上一篇    下一篇

基于802.1x的NAC模型的设计与实现

卢志培,姚国祥,罗伟其   

  1. (暨南大学信息科学技术学院,广州 510632)
  • 收稿日期:1900-01-01 修回日期:1900-01-01 出版日期:2010-04-05 发布日期:2010-04-05

Design and Implementation of NAC Model Based on 802.1x

LU Zhi-pei, YAO Guo-xiang, LUO Wei-qi   

  1. (College of Information Science and Technology, Jinan University, Guangzhou 510632)
  • Received:1900-01-01 Revised:1900-01-01 Online:2010-04-05 Published:2010-04-05

摘要: 对目前流行的安全接入控制系统进行分析,发现这些系统仅能解决接入用户身份的问题,并未考虑到用户所使用的终端设备是否符合安全策略要求,存在终端安全方面的安全隐患。为此,提出一个基于802.1x的安全接入控制系统模型,通过添加扩展信息的认证,限制不安全终端的接入,加强安全策略控制,保证大多数终端的安全。

关键词: 802.1x协议, RADIUS协议, EAPOL协议, 安全接入控制

Abstract: Ignoring whether the terminals that under users’ control are safe to the Intranet or not, most of popular Network Access Control(NAC) systems only authenticate users via pairs of ID and password. Based on those, this paper makes improvement in safety policy controlling by adding authentication of safety information to isolate the unsafe terminals, making other terminals of the Intranet safer.

Key words: 802.1x protocol, RADIUS protocol, Extensible Authentication Protocol On LAN(EAPOL) protocol, safety access control

中图分类号: