CAJ | 학술논문

随着网络技术的发展，传统的静态密码身份认证方案已不能给电子商务活动提供足够的保护。描述了动态口令技术的原理，分析了硬件和软件实现动态口令的利弊，设计了一种基于客户端MAC地址的动态口令认证协议，并在此基础上论述了系统方案的实施流程、总体设计和认证过程。最后进行了安全性分析并提出了相应的提高安全性的措施。分析表明，该方案具有适用面广、安全性高、使用方便和系统成本低的特点。
수착망락기술적발전，전통적정태밀마신빈인증방안이불능급전자상무활동제공족구적보호。묘술료동태구령기술적원리，분석료경건화연건실현동태구령적리폐，설계료일충기우객호단MAC지지적동태구령인증협의，병재차기출상논술료계통방안적실시류정、총체설계화인증과정。최후진행료안전성분석병제출료상응적제고안전성적조시。분석표명，해방안구유괄용면엄、안전성고、사용방편화계통성본저적특점。
With the development of Internet technology, the traditional static password based on authentication solutions is no longer an adequate protection scheme to serious enterprise applications. In this article, the principle of dynamic password technology is described and the pros and cons of implementing dynamic password technology by software and hardware are analyzed as well. A dynamic password authentication protocol based on MAC Address of client is designed. According to this protocol, the system architecture, authentication processes and safety measures are described and its security is analyzed as well. The analysis indicates that this system features high security and wide application. It can be conveniently used and implemented in low cost.