Computer Engineering and Applications ›› 2013, Vol. 49 ›› Issue (6): 109-113.

Previous Articles     Next Articles

Design and realization of security check and admission control on intranet terminal

YANG Guoli, DAI Xiang, MAO Handong   

  1. College of Information System and Management, National University of Defense Technology, Changsha 410073, China
  • Online:2013-03-15 Published:2013-03-14

内网终端安全检查与接入控制的设计与实现

杨国利,代  祥,毛捍东   

  1. 国防科技大学 信息系统与管理学院,长沙 410073

Abstract: Considering the situation and requirements of the intranet security, this paper proposes a framework on the basis of environment security and admission credibility. Based on this idea, the security check and admission control system, running on an intranet terminal, is designed to check and repair the terminal environment, and only when the terminal meets the security needs can it be allowed to have access to the intranet through 802.1x authentication. In this way, the intranet security is guaranteed by the secure environment and creditable user. The proposed design and realization is a good supplement to the intranet security and protection, and will be applied widely.

Key words: Windows Server Update Services(WSUS) management, terminal security rating, 802.1x authentication

摘要: 针对信息化条件下内网安全建设的需求,从运行环境和可信接入两个层面入手,设计了终端安全检查与接入控制系统,该系统对终端计算机的运行环境进行检查和修复,直至其满足可信接入条件后才允许该终端通过802.1x认证接入内部网络,这种方法较好地实现了针对终端主机的可信接入控制。所提出的设计理念和实现方法是对内网安全防护领域很好的补充和完善,应用前景非常广泛。

关键词: Windows Server更新服务(WSUS)管理, 终端安全等级评定, 802.1x认证