• • 上一篇    下一篇

基于手机动态密码的计算机使用权限管理机制

张庆阳%杨阳%程久军%廖竞学   

  • 出版日期:2014-11-15
  • 基金资助:
    国家国际科技合作专项(2013DFM10100)

Mechanism on Computer Access Permission Management Based on the Mobile Clients' Dynamic Password Algorithm

ZHANG Qing-yang%YANG Yang%CHENG Jiu-jun%LIAO Jing-xue   

  • Online:2014-11-15
  • About author:同济大学计算机科学与工程系,上海 201804; 同济大学嵌入式系统与服务计算教育部重点实验室,上海 201804

摘要: 信息化时代的到来,信息安全问题充斥着整个互联网领域。伴随着黑客技术的成熟,入侵个人计算机也已是一件易事,因而对个人计算机隐私和使用权限的管理显得尤为重要。然而常用的开机密码保护在朋友或同事要使用您计算机时会受到种种安全性考验。文章主要针对计算机使用权限的管理问题,基于 RSA 加密算法,提出了一种基于手机动态密码的计算机使用权限管理机制。首先,利用手机端与 PC 端共同作用提供动态密码,动态密码加密的设计在 RSA 加密模式基础上进行了一些优化与改进,利用明文编码和 RSA 加密算法生成动态密码,避免了时间种子生成动态密码的一些弊端,增加了密码破解的难度,也更加提高了加密的安全性。其次,提供了文件保护机制,给使用者设置不同的文件访问权限,并将这些信息融入到动态密码当中,计算机解锁后通过在内核中加载文件过滤驱动来保护用户私有目录的安全,提高了对系统敏感文件的防护等级。该机制立足于解决生活中计算机使用权限的难题,实现了用于计算机权限管理的手机动态密码系统。实验结果表明该机制有效解决了个人隐私和权限管理问题,具有较好的应用前景。

Abstract: With the rapid development of information technology, the Internet area has inundated with information security problems. With the maturity of hacker technology, the invasion of a personal computer has become an easy task, so personal computer privacy and permission management have become more seriously in our daily life. Traditional methods that only use login password would threat to computer security and privacy when owner’s friends or colleagues use his computer. Based on the RSA encryption mode, we design a dynamic password encryption algorithm and propose a mechanism on computer access permission management mechanism. Firstly, the mechanism could increase the difficulty of password cracking and improve the security of encryption with the use of dynamic password created by both PC and mobile terminal. We combine plaintext coding with RSA encryption algorithm for dynamic password in order to avoid some problems of dynamic password generated by time seed algorithm. In addition, we added control information into the dynamic password, and loaded the filter driver of file in the kernel after the screen was successfully unlocked, therefore, owner’s private directory would be safer and the system protection grade of sensitive documents would be higher. The mechanism we implemented is aimed to solve as mall and awkward problem in our daily life. Experimental results show that mechanism on computer access permission management based on the dynamic password can solve the problem of personal privacy and access permission management effectively, thus it has a good prospect of application.