According to the actual requirement of remote access to the sensitive resource of intranet, an authenticationrnscheme is proposed in this paper, which can perform classified control of the access based on the users access location.rnIn the scheme, there is no exchange between the password and the key by plaintext in the whole authentication process,rnthe online eavesdropping can be effectively resisted, and sufficient use is made of the intranet high speed bandwidth. Asrnthe scheme not only effectively protects information privacy, but also increases access efficiency, it has widernapplications.%针对远程访问内网重要资源的实际需求,设计了一个根据用户所处位置,实施分类安全认证控制的认证方案.方案的整个认证过程无口令或者密钥的明文交换,能够有效抵御在线窃听,同时又充分利用了内网高速带宽,既很好保护信息的隐私安全,又充分兼顾了访问效率,具有良好的应用性.
展开▼