Digital campus card system security

Author: DongZhaoYin From: www.yourpaper.net Posted: 2010-06-22 17:55:08
Abstract: This paper introduces the characteristics of the security system of the digital campus card system and analyzes it from five aspects: campus card security, network security, data security, system security and management security. It proposes security strategies to prevent card system data from being stolen, tampered with or lost, addressing the potential safety hazards of the campus smart card system.
Keywords: campus card; security policy; security of data
1. Introduction
The "campus card", as one of the core components of digital campus construction, is not only a consumption system. It should also have complete data management functions and be combined with the school's existing management information systems, providing a sustainable, cross-platform, database-based digital campus information platform that handles campus information delivery and services. Data security is therefore a problem that must be considered in the design, implementation and use of the "campus card" system. Drawing on the experience of implementing the "campus card" at the author's school, this paper studies security strategies for a card system based on the campus network from five aspects: campus card security, network security, data security, system security and management security.
2. Campus card security
The campus card is a contactless card, chosen for its simple operation, strong anti-interference ability, high reliability and good safety.
(1) One card, one key: each card's key is stored by the user, the user can reset the key, and the key has a set form for transmission and preservation. Thus even an attacker who knows one card's key cannot calculate the key of any other card;

(2) One secret: keys are generated randomly, so cracking all of the ciphertext is theoretically impossible;

(3) Password authentication by amount: the password must be validated when the user makes a large transaction;

(4) Lock and unlock: if the wrong password is entered repeatedly, the card is locked, and the user can continue to use it only after it has been unlocked at the card centre.
To enhance the security of the campus card, the following measures can be used.
(1) Set a secure campus card interface.

(2) Use a key authentication method.

(3) Manage campus cards through black and white lists. The consumption system and the self-service payment system use blacklist mode.
3. Network security
(1) Encryption technology
Encryption is the key technology of network security and comes in three kinds: link encryption, node encryption and endpoint encryption. Its purpose is to keep data, files and control information secure and intact, and it is one of the most effective techniques for improving data transmission security.
(2) Physical network segmentation
At the physical and data link layers (the first and second layers of the ISO/OSI model), the network is divided so that the campus card system has its own separate network, access from the non-card network is controlled, and the security of the network is kept under control.
(3) VLAN technology
VLAN technology separates the integrated services, identity, and card front-end database application systems. Subsystem servers are configured with dual NICs for physical separation, while the ports of each card subsystem on the other segments are separated from the campus network, so the system has high security.
Switch ports are divided by VLAN. The switch ports to which the interfaces of each card system connect belong to the same VLAN. At the same time, the server systems are divided into VLANs according to the security of each system: the campus card settlement center is a separate VLAN, and the other subsystems are assigned to one or several VLANs. Servers, systems, gateways, touch screens and card center equipment are placed in dedicated VLANs that do not allow access from other networks.
(4) VPN technology
The user verification function of a VPN (virtual private network) prevents unauthorized users from accessing the card network. The VPN builds a virtual channel between the inside and the outside of the card network to transmit content, using complex algorithms for encryption and digital signatures to ensure confidentiality and data integrity.
(5) Access control policy (ACL)
ACLs are applied on all layer-2 and layer-3 switches in the card network. An ACL can filter by IP address, MAC address, protocol and port. Using access control lists and extended ACLs, the rules are defined as follows: only IPs in the card segment may access the database; the database host opens only some of its ports; ports that are not often used and ports that viruses often intrude through are blocked; all IPs and MACs that do not belong to the smart card system are blocked. For example:
ip access-list extended ID
deny|permit protocol source_addr source_mask [operator port [port]] destination_addr destination_mask [operator port [port]]
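The rule set described above can be checked before it goes onto a switch. The following Python code is an added example, not code from the paper: it parses entries written in the syntax shown and evaluates sample flows with first-match and implicit-deny semantics. The card segment 10.10.20.0/24, the database host 10.10.30.10 and the listener port 1521 are constructed values.

```python
import ipaddress

# Constructed sample (not from the paper): card segment, database host, port.
ACL_TEXT = """\
permit tcp 10.10.20.0 0.0.0.255 10.10.30.10 0.0.0.0 eq 1521
deny ip 0.0.0.0 255.255.255.255 10.10.30.10 0.0.0.0
permit ip 10.10.20.0 0.0.0.255 10.10.20.0 0.0.0.255
"""

def _ip(text):
    return int(ipaddress.IPv4Address(text))

def _ports(tokens):
    """Read an optional 'operator port [port]' group; return (range, rest)."""
    if tokens[:1] == ["eq"]:
        return (int(tokens[1]), int(tokens[1])), tokens[2:]
    if tokens[:1] == ["range"]:
        return (int(tokens[1]), int(tokens[2])), tokens[3:]
    return (0, 65535), tokens  # no operator: any port

def parse_acl(text):
    rules = []
    for line in filter(None, map(str.split, text.splitlines())):
        action, proto, src, smask = line[0], line[1], _ip(line[2]), _ip(line[3])
        sports, rest = _ports(line[4:])
        dst, dmask = _ip(rest[0]), _ip(rest[1])
        dports, _ = _ports(rest[2:])
        rules.append((action, proto, src, smask, sports, dst, dmask, dports))
    return rules

def _addr_ok(addr, base, wildcard):
    # Wildcard mask: 1-bits are ignored, the inverse of a subnet mask.
    care = ~wildcard & 0xFFFFFFFF
    return (_ip(addr) & care) == (base & care)

def evaluate(rules, proto, src, sport, dst, dport):
    """Return the action of the first matching entry, else the implicit deny."""
    for action, rproto, rs, rsm, sp, rd, rdm, dp in rules:
        if rproto not in ("ip", proto):
            continue
        if not (_addr_ok(src, rs, rsm) and _addr_ok(dst, rd, rdm)):
            continue
        if rproto == "ip" or (sp[0] <= sport <= sp[1] and dp[0] <= dport <= dp[1]):
            return action
    return "deny"  # nothing matched: implicit deny ends every list

if __name__ == "__main__":
    for src in ("10.10.20.15", "10.10.99.7"):  # card host, then non-card host
        print(src, evaluate(parse_acl(ACL_TEXT), "tcp", src, 40000, "10.10.30.10", 1521))
```

Swapping the first two entries makes the deny shadow the permit, so the order of entries has to be reviewed along with their content.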
Effective use of ACLs can construct a logically separate card system platform within the physical network.
4. Data security
The amount of data is huge and wide-ranging, including financial data, passwords, campus card passwords and system operator passwords. Ensuring the confidentiality, integrity, correctness and non-repudiation of the data is therefore another security issue that must be considered. In the campus smart card system, the database is the center of information storage and the basis of system operation. The first task is to control user access, so that only authorized users can access the database. In addition, the database must provide a method for preventing unauthorized users from accessing confidential data; auditing technology that monitors user access to data; the use of authentication tokens to respond to user authentication requests; and so on.
Our school's card system uses Oracle10g as its back-end database center. Oracle offers high safety, with a C2 safety grade and an architecture based on recognized system data security, and the Oracle database itself uses a variety of means to strengthen database security. The back-end database uses hot backup to guarantee the stability and security of the system, and the bulk transaction data of terminal equipment can be fed back in real time. Central data storage uses a double safeguard mechanism, mainly through a disk array cabinet.
5. System security

5.1 System security
(1) Operating system
The Unix and Linux operating systems reach security level C2, with fairly complete user authentication, access control and audit functions. At present each subsystem of our school's card system uses Linux AS 5, and the database uses SCO unix.
(2) In the smart card system, besides the grading of operating permissions for operators, there is also a need to protect data. For financial transaction data, the data of each merchant are confidential from the other merchants, and a merchant can query the transaction data relating to that merchant. The security authentication system can use a USB-interface operator card for operators, and the system runs with hardware encryption, such as an encryption dog (dongle).
(3) In the digital campus smart card system, service interruption is inevitable. Clustering and load balancing technology connects multiple servers into a cluster that shares resources and access to, for example, storage devices. Combined with fault-tolerance techniques, when a system or node fails, or an application generates errors, the other nodes can continue to bear the load, achieving operational continuity and high availability.
5.2 Communication system security
When the smart card system and the bank system are connected over the Internet, because the communication lines are public and computers are easy to operate, three kinds of safety problems arise: the first is theft of the user's campus card PIN; the second is forging of and tampering with financial transaction information; the third is theft (physical and electronic) of keys. A complete data security system must therefore be established:
(1) PIN codes are not allowed on communication lines or in manual operation; identification must be done for any transaction information;

(2) Use the DES and 3-DES encryption algorithms. To ensure the safety and reliability of data transmission, the encryption key is changed during communication and data packets are encrypted;

(3) Use a special packet format: a data message format is developed jointly with the bank, which constrains the different meanings of the specified message fields. Even if a data packet is intercepted, the interceptor will find it difficult to understand its meaning;

(4) Important data is encrypted with dynamic keys to guarantee that it is not cracked. The encryption card stores both static and dynamic encryption keys, and the DS5002 encryption chip certified by the People's Bank can be used to prevent illegal reading and writing of the hardware.
To ensure that the amounts on the card and in the database stay consistent whether the cardholder uses POS machines offline, networked or in mixed mode, the data of the card data center's public database shall prevail, and balances and information are synchronized against it.
6. Security management
As the saying "seven points, three points management" has it, in a security control system management cannot replace technology, and technology cannot replace management. Many unsafe factors arise from management problems, and this must be considered in the security control of the campus card system. Given the complexity of system security management, an important solution to the security problem is to formulate corresponding management rules and to manage and implement these policies in a unified way. Security management of the campus smart card system should follow four principles: few people responsible, many people paying attention, clear functions, and separation of duties.