| ¡¡ | Chinese Journal of Computers Full Text |
| Title | A New Network Access Control Method and Performance Analysis of Authentication Session |
| Authors | LIU Wei1) YANG Lin2) DAI Hao1),2) HOU Bin2) |
| Address | 1)(College of Command Automation, PLA University of Science and Technology£¬ Nanjing 210007) 2)(Institute of China Electronic System Engineering, Beijing 100039) |
| Year | 2007 |
| Issue | No.10(1806¡ª1812) |
| Abstract & Background | Abstract With the constantly expansion of network scale, the problems of network security become more and more intractable. Currently, how to establish trusted network has been a research hotspot. One of the key technology of trusted network is access authentication and management to users and devices. This paper analyses the status quo of trusted network access control technology, puts forward a new method for network access control, the emphases is on the theoretic analyses and simulation on the probability of authentication session failure, so as to direct the parameters setting in the access control device. The new method combines the merits of digital certificate and can effectively promotes the control-ability and manageability of network. keywords trusted network; authentication; network access control; soft-life time; hard-life time background This research is supported by the Pre-research Program of National Defence under grant No.513150604. As the quickly expansion of network scale, more and more end-points and users access to network, the extension and deepness of various application constantly increase, all of these result in the difficulty of network management and maintenance. It is imminence to solve these problems, such as protecting the network security, protecting the border of the network; implementing uniform management to network user, strengthening the supervision and control of user network behaviors; reinforcing the integrate management of network resources, providing high quality of service and security guarantee to user; impulsing the establishment of trusted network, forming colligated network security defense ability etc. The main objective of network access control scheme investigate by the authors is to provide uniform security authentication and authorization mechanism for communication system, by validating the identity of network user, definitude the privilege of network resource for users, then can protect the resource under control against abuse unlawfully. |