摘要： 对目前流行的安全接入控制系统进行分析，发现这些系统仅能解决接入用户身份的问题，并未考虑到用户所使用的终端设备是否符合安全策略要求，存在终端安全方面的安全隐患。为此，提出一个基于802.1x的安全接入控制系统模型，通过添加扩展信息的认证，限制不安全终端的接入，加强安全策略控制，保证大多数终端的安全。

关键词: 802.1x协议, RADIUS协议, EAPOL协议, 安全接入控制

Abstract: Ignoring whether the terminals that under users’ control are safe to the Intranet or not, most of popular Network Access Control(NAC) systems only authenticate users via pairs of ID and password. Based on those, this paper makes improvement in safety policy controlling by adding authentication of safety information to isolate the unsafe terminals, making other terminals of the Intranet safer.

Key words: 802.1x protocol, RADIUS protocol, Extensible Authentication Protocol On LAN(EAPOL) protocol, safety access control

中图分类号: 

• TP393.08