中大機構典藏-NCU Institutional Repository-提供博碩士論文、考古題、期刊論文、研究計畫等下載:Item 987654321/65612
English  |  正體中文  |  简体中文  |  Items with full text/Total items : 78818/78818 (100%)
Visitors : 34704128      Online Users : 1210
RC Version 7.0 © Powered By DSPACE, MIT. Enhanced by NTU Library IR team.
Scope Tips:
  • please add "double quotation mark" for query phrases to get precise results
  • please goto advance search for comprehansive author search
    •  Adv. Search
    HomeLoginUploadHelpAboutAdminister Goto mobile version


    Please use this identifier to cite or link to this item: http://ir.lib.ncu.edu.tw/handle/987654321/65612


    Title: 使用人臉辨識強化VPN身份認證;Improvement of VPN Authentication Using Facial Recognition Technology
    Authors: 劉政鋼;Liu,Cheng-Kang
    Contributors: 資訊工程學系在職專班
    Keywords: 虛擬私有網路;VPN
    Date: 2014-08-18
    Issue Date: 2014-10-15 17:06:14 (UTC+8)
    Publisher: 國立中央大學
    Abstract: SSL VPN 是一種虛擬私有網路,可以在瀏覽器上使用,所有的網路資料傳輸都透過安全且經過身份認證的加密通道來進行傳輸。藉由SSL通訊協定可以提供客戶端與伺服器端之間更安全網路連結。在一般情況下,使用SSL VPN可以透過確認 LDAP 伺服器中的用戶憑證與密碼即可,但如果是要存取機密資料或是有特殊權限的使用者才可使用的資源,那我們就應該使用更高安全的身份驗證方法。故在本論文中提出一個使用者在登入使用SSLVPN之前,基於更高安全的理由,必須通過加入人臉辨識的雙層認證模式的SSLVPN架構。
    在本系統架構中,使用者必須先通過SSL Handshake和使用者憑證認證,通過第一層的認證之後,以人臉辨識作為第二層的認證方法。系統使用從使用者端取的臉部資訊及參數進行人臉辨識,通過臉部辨識之後才可准許登入系統。
    在實驗的部分人臉辨識率達88.7%,非本人辨識率達77%。由實驗結果得知,本論文提出以人臉辨識來加強SSL VPN身份認證的方法可以有效補強SSL VPN身份確認的功能,以降低在網路上頂替冒用身份的疑慮。
    ;SSL VPN (Secure Sockets Layer Virtual Private Network) is a form of VPN that can be used with a standard web browser via a secure and authenticated pathway by encrypting all network traffic. This protocol achieves a higher level of compatibility with client and server platforms and hence provides a more reliable connection. In general, SSL VPN access can be granted by a user certificate and password in a LDAP. In some particular applications, SSL VPN intends to access important resources that are restricted and not as a general access solution. The resources require much higher secure authentication. In this thesis, we propose a novel SSL VPN double authentication scheme. An advanced feature is proposed based on endpoint security to check a connecting computer to make sure it passes facial recognition rules before allowing a user to log in to SSL VPN.
    In the proposed scheme, if the authentication successfully passes the SSL handshake process and certification, it is then passed the face recognition as the second layer authentication. The server requests the facial recognition parameters from the client for authentication. If the authentication is successful, the protocols go to the next stage or the protocols fail. The client can login to access the server if only all the protocols are successful.
    In our experiments, the accurate rate is 88.7% on images of person himself, and 77% on images of person non-self. From the experimental results, it indicates that our proposed scheme is an advance feature of identification on login to SSL VPN to decrease identification spoofing on the internet.
    Appears in Collections:[Executive Master of Computer Science and Information Engineering] Electronic Thesis & Dissertation

    Files in This Item:

    File Description SizeFormat
    index.html0KbHTML700View/Open


    All items in NCUIR are protected by copyright, with all rights reserved.

    社群 sharing

    ::: Copyright National Central University. | 國立中央大學圖書館版權所有 | 收藏本站 | 設為首頁 | 最佳瀏覽畫面: 1024*768 | 建站日期:8-24-2009 :::
    DSpace Software Copyright © 2002-2004  MIT &  Hewlett-Packard  /   Enhanced by   NTU Library IR team Copyright ©   - 隱私權政策聲明