论文部分内容阅读
从应用的角度看,计算机数据安全保护的第一关就是对用户的身份鉴别。采用对用户的口令鉴别验证是最为方便的一种。然而人们由于不了解口令本身所存在的固有弱点和非法入侵者对口令攻击所采用的诸多方法而盲目乐观。本文分析了口令结构的内在矛盾并针对危及口令安全的几个方面推出了适应不同层次需要的加密方案。其中为对付高技术的、精通DBMS和操作系统的入侵者所采取的措施尤其值的注意和进一步探讨。
From the application point of view, the first level of computer data security protection is the user’s identity authentication. Using the user’s password authentication is the most convenient one. However, people are blindly optimistic because they do not understand the inherent weaknesses existing in the password itself and the many methods that an illegal intruder attacks the password. This paper analyzes the inherent contradictions of the password structure and introduces the encryption scheme that adapts to different levels of needs for several aspects that endanger password security. Among them, especially the attention and further discussion of the measures taken to deal with high-tech intruders proficient in DBMS and operating system.