èŠ‚ç‚¹æ–‡çŒ®

åŠ¨æ€å¯†ç VPNæŽ¥å…¥ç³»ç»Ÿçš„è®¾è®¡å’Œå®žçŽ°

Design and Implementation of Dynamic Cipher in VPN System

åˆ†é¡µä¸‹è½½
åˆ†ç« ä¸‹è½½
æ•´æœ¬ä¸‹è½½
åœ¨çº¿é˜…è¯»
ä¸æ”¯æŒè¿…é›·ç‰ä¸‹è½½å·¥å…·ï¼Œè¯·å–æ¶ˆåŠ é€Ÿå·¥å…·åŽä¸‹è½½ã€‚

ã€ä½œè€…ã€‘ æŽç¦ï¼›

ã€ä½œè€…åŸºæœ¬ä¿¡æ¯ã€‘ åŒ—äº¬é‚®ç”µå¤§å¦ ï¼Œ è½¯ä»¶å·¥ç¨‹ï¼Œ 2008ï¼Œ ç¡•å£«

ã€æ‘˜è¦ã€‘ è™šæ‹Ÿä¸“ç”¨ç½‘æŠ€æœ¯(VPN)æ˜¯å°†ç‰©ç†åˆ†å¸ƒåœ¨ä¸åŒåœ°ç‚¹çš„ç½‘ç»œé€šè¿‡å…¬ç”¨éª¨å¹²ç½‘,å°¤å…¶æ˜¯Internetè¿žæŽ¥è€Œæˆçš„é€»è¾‘ä¸Šçš„è™šæ‹Ÿåç½‘ã€‚ä¸ºäº†ä¿éšœä¿¡æ¯çš„å®‰å…¨,VPNæŠ€æœ¯é‡‡ç”¨äº†é‰´åˆ«ã€è®¿é—®æŽ§åˆ¶ã€ä¿å¯†æ€§ã€å®Œæ•´æ€§ç‰æŽªæ–½,ä»¥é˜²æ¢ä¿¡æ¯è¢«æ³„æ¼ã€ç¯¡æ”¹å’Œå¤åˆ¶ã€‚æœ¬æ–‡ä¸»è¦æä¾›äº†å¦‚ä½•åœ¨å…¬å…±æ•°æ®ç½‘ä¸Šä¸ºä¼ä¸šå®žçŽ°å®‰å…¨ã€å¯é ã€é«˜æ€§èƒ½ã€å¯äº’æ“ä½œã€è´¹ç”¨ä½Žçš„è™šæ‹Ÿä¸“ç”¨ç½‘(VPN),å¯¹äºŽç›®å‰æ™®éä½¿ç”¨çš„ç¡¬ä»¶VPNè¿›è¡Œäº†æ‰©å±•å’Œæ”¹è¿›,å°†Radiusã€LDAPã€CMPPã€åå‘ä»£ç†ã€å®¢æˆ·ç«¯è¯·æ±‚ç‰æŠ€æœ¯ç»“åˆæˆä¸€æ•´å¥—è§£å†³æ–¹æ¡ˆã€‚åŒæ—¶ä¹Ÿç ”ç©¶äº†ç›¸å…³çš„å„ç§æŠ€æœ¯çš„å®žçŽ°æœºåˆ¶ã€‚ä¼ ç»Ÿçš„VPNæŠ€æœ¯å˜åœ¨ç”¨æˆ·ç®¡ç†åŠŸèƒ½å•ä¸€ã€å¯†ç å®‰å…¨æ€§ä½Žã€æ— æ³•å®žçŽ°ä¸Žå…¶ä»–åº”ç”¨é›†æˆã€æŠ•èµ„è¿‡å¤§ç‰é—®é¢˜,æœ¬æ–‡åˆ™ä»¥å±±ä¸œç§»åŠ¨å¸åŠ¡ä¸å¿ƒçš„å…·ä½“ä¸šåŠ¡éœ€æ±‚ä¸ºå‡ºå‘ç‚¹,è¯¦ç»†é˜è¿°äº†å¦‚ä½•åº”ç”¨åŠ¨æ€å¯†ç ã€æ‰‹æœºçŸä¿¡ã€Radiusè®¤è¯æœåŠ¡ã€ç”¨æˆ·ç›®å½•ç®¡ç†(LDAP)ç‰æŠ€æœ¯å®žçŽ°å¯¹çŽ°æœ‰VPNè®¾å¤‡å±€é™æ€§çš„æ‰©å±•ã€‚é’ˆå¯¹å®žçŽ°çš„ç»†èŠ‚æ–¹é¢,æœ¬æ–‡è¿˜è¯´æ˜Žäº†æ•´ä¸ªæ–¹æ¡ˆçš„æŠ€æœ¯æ¡†æž¶ã€ç³»ç»ŸçŽ¯å¢ƒæå»ºå’Œåº”ç”¨éƒ¨ç½²æƒ…å†µ,æè¿°äº†å®¢æˆ·ç«¯è¯·æ±‚ã€åŠ¨æ€å¯†ç ç”Ÿæˆã€Radiuså¯†ç éªŒè¯å’ŒåŽå°ç”¨æˆ·ç®¡ç†çš„è®¾è®¡è¯´æ˜Žã€‚æ¤å¤–,è¿˜ç ”ç©¶äº†ç³»ç»Ÿè®¾è®¡å’Œå®žçŽ°æ‰€ç”¨åˆ°çš„UMLç»Ÿä¸€å»ºæ¨¡è¯è¨€ã€Eclipseç‰è®¾è®¡å’Œå¼€å‘å·¥å…·ã€‚æ›´å¤š è¿˜åŽŸ

ã€Abstractã€‘ A virtual private network (VPN) is a dedicated specific communications network tunneled through another network. It is virtual network that connects physically different locations, especially through the public Internet. To ensure the information security it uses all kinds of different technologies such as user authentication, access control and content encryption to prevent information eavesdropping, distortion and copy.This paper focuses on how to provide a safe, reliable, high-performance, easy-operated and low-cost VPN to the enterprise clients via the public data network. It expands and improves existing VPN technologies which are currently widely used. It integrates Radius, LDAP, CMPP, Reverse Surrogate and Client Claim into a whole solution. It also studies on the implementation details of those technologies.Traditional VPN technologies have some problems such as poor user management, low security on content encryption, huge amount investment and separation from other applications. This paper studies how to overcome and breakthrough the existing VPN limitation and expand its functionality. The study is based on the business requirement of the Shandong Mobil Accounting Center. It includes dynamic cipher, cell phone short message, Radius authentication and LDAP. It gives all the implementation details including an illustration of technological architecture, system environment and the application deployment. It also makes a detailed description on the client requirements, the dynamic cipher generation, the validation of the Radius cipher and back end user management.UML and Eclipse are used for system design and solution development. This article also does some study on those tools.æ›´å¤š è¿˜åŽŸ

ã€å…³é”®è¯ã€‘ ç½‘ç»œå®‰å…¨ï¼› è™šæ‹Ÿä¸“ç”¨ç½‘ï¼› åŠ¨æ€å¯†ç ï¼› åå‘ä»£ç†ï¼›
ã€Key wordsã€‘ Network Securityï¼› VPNï¼› Dynamic Cipherï¼› Reverse Surrogateï¼›

ã€ç½‘ç»œå‡ºç‰ˆæŠ•ç¨¿äººã€‘ åŒ—äº¬é‚®ç”µå¤§å¦

ã€åˆ†ç±»å·ã€‘TP393.1
ã€ä¸‹è½½é¢‘æ¬¡ã€‘116

çŸ¥ç½‘èŠ‚ä¸‹è½½

èŠ‚ç‚¹æ–‡çŒ®ä¸ï¼š

æœ¬æ–‡é“¾æŽ¥çš„æ–‡çŒ®ç½‘ç»œå›¾ç¤º:

æœ¬æ–‡çš„å¼•æ–‡ç½‘ç»œ

èŠ‚ç‚¹æ–‡çŒ®

èŠ‚ç‚¹æ–‡çŒ®

åŠ¨æ€å¯†ç VPNæŽ¥å…¥ç³»ç»Ÿçš„è®¾è®¡å’Œå®žçŽ°

Design and Implementation of Dynamic Cipher in VPN System

æœ¬æ–‡é“¾æŽ¥çš„æ–‡çŒ®ç½‘ç»œå›¾ç¤º:

åŠ¨æ€å¯†ç VPNæŽ¥å…¥ç³»ç»Ÿçš„è®¾è®¡å’Œå®žçŽ°