Abstract:
Ignoring whether the terminals that under users’ control are safe to the Intranet or not, most of popular Network Access Control(NAC) systems only authenticate users via pairs of ID and password. Based on those, this paper makes improvement in safety policy controlling by adding authentication of safety information to isolate the unsafe terminals, making other terminals of the Intranet safer.
Key words:
802.1x protocol,
RADIUS protocol,
Extensible Authentication Protocol On LAN(EAPOL) protocol,
safety access control
摘要: 对目前流行的安全接入控制系统进行分析,发现这些系统仅能解决接入用户身份的问题,并未考虑到用户所使用的终端设备是否符合安全策略要求,存在终端安全方面的安全隐患。为此,提出一个基于802.1x的安全接入控制系统模型,通过添加扩展信息的认证,限制不安全终端的接入,加强安全策略控制,保证大多数终端的安全。
关键词:
802.1x协议,
RADIUS协议,
EAPOL协议,
安全接入控制
CLC Number:
LU Zhi-pei; YAO Guo-xiang; LUO Wei-qi. Design and Implementation of NAC Model Based on 802.1x[J]. Computer Engineering, 2010, 36(7): 147-149.
卢志培;姚国祥;罗伟其. 基于802.1x的NAC模型的设计与实现[J]. 计算机工程, 2010, 36(7): 147-149.