|
基于JAVA的两个通用安全模块的设计与实现 摘 要 本文详细介绍了基于口令的身份认证与文件安全传输两个通用安全模块的设计原理和实现过程,分析了当前口令保存的安全性,提出了运用MD5算法等对口令进行处理,并将处理结果保存在数据库中的方法。同时为了进一步增强认证系统的灵活度,设计了用户注册时的口令模式选择、自主修改用户口令、自主选择口令字符串长度等策略。在本文设计的认证过程中,用户输入认证口令信息,作必要的处理之后,会与数据库里的用户真实信息进行对比来验证用户的合法性,合法用户登录成功后可以访问文件安全传输模块;而文件安全传输模块的设计,是应用SSL协议建立文件安全传输通道,可以保障机密文件内容不被窃听、篡改、伪造。整个系统采用JAVA语言对SSL协议、DES、MD5的支持设计实现的,具有设计简练、认证灵活、安全性能可靠、成本低廉等优点,能很好地解决各类企事业单位的用户身份鉴别和传输文件的机密性问题。 关键词: 身份认证;消息摘要;DES;SSL;加密;解密
The Design and implementation of Two GeneralSecurity Models Based on Java Abstract Thepaper initiates the principle and implementation of two general securitymodules of password-based authentication and secure file transfer. It analysesthe security of the current password, then proposes an approach that utilizesMD5 algorithm to encrypt password, finally stores the results in databases. Tomake the authentication system more flexibility, we introduce some policies:when users register, they can choose password model, they can modify passwordfreely, they can choose the length of password independently etc. In the authenticationprocess designed in this paper, the user inputs password which is processed to comparewith the information stored in DB to authenticate user. If logon successfulthey will be able to access the secure file transfer module. And the design of securefile transfer module is the use of the SSL Protocol to establish security file transferchannels which can protect the confidential contents of the files againsteavesdrop, alter and forge. The system is implemented in Java that supports SSLprotocol, DES, MD5, which has the following virtues: briefness in design, authenticationagility, secure and cheap in cost, and can help all kinds of companies to solvethe problems of identity authentication and confidentiality of file transfer. Key words: authentication; Message-digest; DES; SSL; Encryption;Decryption
| 
|Archiver|手机版|小黑屋|可乐分享,站长交流
( 苏ICP备2024109924号 )|网站地图
发表于 2024-9-18 16:47:32
发表于 2024-10-19 22:48:37
