APPLICATION DEVELOPMENT<br />
<br />
APPLYING BIOMETRICS TO VIRTUAL PRIVATE NETWORK AUTHENTICATION<br />
<br />
Nguyen Tai Tuyen, Nguyen Duc Huy<br />
<br />
TAP CHI CNTT & TT KY 2 (1.2010)<br />
<br />
Today, biometric applications such as fingerprint recognition in virtual private network (VPN) authentication, built on the open-source software OpenVPN and the fingerprint-reading development kit FFP-SDK (Free Finger Print SDK), have been deployed in many places around the world.<br />
<br />
To apply biometric technology to network security in Vietnam step by step, a research group at the Posts and Telecommunications Institute of Technology (HVCNBCVT) has studied the use of biometric technology (fingerprint recognition) in the authentication stage of VPN connections in order to improve the security of the system. This article presents the deployment model and the results of a trial that set up a VPN with the open-source tool OpenVPN on the management network layer of HVCNBCVT, as a foundation for developing applications that improve the security of the technical infrastructure based on biometrics.<br />
<br />
DEPLOYMENT MODEL<br />
<br />
VPN connection model<br />
<br />
Figure 1 below describes the VPN deployment model used for the trial on the management network layer of HVCNBCVT, Ha Dong campus. The VPN authentication server (Server) is located in the management network zone and communicates with the service network layer. People working remotely connect to this server over VPN through the Internet to carry out system administration tasks. All data exchanged between the administrator's computer and the service servers is encrypted and encapsulated in VPN messages between that computer and the VPN server.<br />
<br />
Figure 1: VPN deployment model for application administration at HVBCVT, Ha Dong campus.<br />
<br />
Biometric application model<br />
<br />
In the trial phase, the authors use a fingerprint biometric reader to verify the administrator. Each fingerprint sample corresponds to one administrator ID. This ID is used to authenticate the connection with the VPN server (VPN Server). This authentication model is described in Figure 2.<br />
<br />
[Figure 2 labels: fingerprint reader, identification unit, ID, user, VPN Client, VPN session setup, VPN Server, authentication server, user ID data, fingerprint data]<br />
Figure 2: Deployment model of the biometric application in VPN authentication.<br />
<br />
TEST SYSTEM PARAMETERS<br />
<br />
VPN server<br />
- Operating system: Linux CentOS 5.2<br />
- VPN Server: OpenVPN-2.0.9, the version for Redhat Linux Enterprise Server 5<br />
- Internet IP address: 203.162.92.4<br />
- Internal IP address: 10.170.82.98<br />
- Dynamic address range for VPN Clients: 10.170.82.210 - 10.170.82.220<br />
<br />
Workstation<br />
- Windows XP SP3 operating system installed<br />
- OpenVPN Client 2.1-rel5 installed<br />
- Driver for the BioLink U-Match MatchBook V3.5 fingerprint reader installed<br />
<br />
Fingerprint reader<br />
Uses the development tool of the BioLink Match Book V3.5.<br />
<br />
Figure 3: BioLink U-Match 3.5<br />
<br />
TOOLS USED AND MODULE CONSTRUCTION<br />
- GNU C: used to develop the identification (ID) Module for OpenVPN.<br />
- Visual Studio 2005: used to build the fingerprint data management module and the person-authentication Module<br />
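
One way the server side could check the ID that a client submits after a fingerprint match, as an added example that is not the authors' module: a verifier for OpenVPN's `auth-user-pass-verify <program> via-file` hook, in which OpenVPN passes the path of a temporary file holding the username and password on two lines. It assumes the client sends the matched ID as the username and a per-ID secret as the password; the database path and its `id:secret` record format are hypothetical.

```c
#include <stdio.h>
#include <string.h>
#define MAXLEN 128
#define ID_DB "/etc/openvpn/fingerprint-ids.db" /* hypothetical path */

/* Compare without stopping at the first mismatching byte. */
static int ct_equal(const char *a, const char *b) {
    size_t la = strlen(a), lb = strlen(b), i, diff = la ^ lb;
    for (i = 0; i < la && i < lb; i++) diff |= (unsigned char)(a[i] ^ b[i]);
    return diff == 0;
}

/* Copy the next line of *p into out and step past the line break(s); 0 if empty or too long. */
static int next_line(const char **p, char *out, size_t n) {
    size_t len = strcspn(*p, "\r\n");
    if (len == 0 || len >= n) return 0;
    memcpy(out, *p, len);
    out[len] = '\0';
    *p += len + strspn(*p + len, "\r\n");
    return 1;
}

/* cred: ID line then password line (via-file layout); db: constructed "id:secret" lines. */
int verify_id(const char *cred, const char *db) {
    char id[MAXLEN], pw[MAXLEN], rec[2 * MAXLEN];
    int ok = 0;
    if (!next_line(&cred, id, sizeof id) || !next_line(&cred, pw, sizeof pw)) return 0;
    if (strspn(id, "0123456789") != strlen(id)) return 0; /* numeric IDs assumed */
    while (next_line(&db, rec, sizeof rec)) {
        char *sep = strchr(rec, ':');
        if (!sep) continue;
        *sep = '\0';
        ok |= ct_equal(rec, id) & ct_equal(sep + 1, pw); /* no early exit */
    }
    return ok;
}

static int slurp(const char *path, char *buf, size_t n) {
    FILE *f = fopen(path, "r");
    if (!f) return 0;
    buf[fread(buf, 1, n - 1, f)] = '\0';
    return fclose(f) == 0;
}

int main(int argc, char **argv) {
    char cred[2 * MAXLEN + 4], db[8192];
    int ok = argc == 2 && slurp(argv[1], cred, sizeof cred) && slurp(ID_DB, db, sizeof db);
    return (ok && verify_id(cred, db)) ? 0 : 1; /* exit 0 accepts, non-zero rejects */
}
```

The verifier fails closed: a missing file, an empty or over-long line, or a non-numeric ID all end in a non-zero exit, which OpenVPN treats as a rejected login.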
<br />
[Screenshot: the fingerprint data management program]<br />
Figure 4: Creating the user database<br />
<br />
[Wireshark capture screenshot: packet list of TCP and HTTP GET traffic between 10.170.80.11 and 203.162.91.5 / 203.162.91.6]<br />
<br />
[...] sample into the reader.<br />
Check the sample again by selecting the ID in the ID list on the right and choosing User/Verify.<br />
<br />
Step 2: Capturing packets before the VPN is connected<br />
<br />
Use the Wireshark tool to capture the packets sent and received on the network card of the demo machine, then use a browser to access the applications. The captured data is shown in Figure 5.<br />
With the captured data as in Figure 5, the packets exchanged between the demo machine and the application server can be seen in detail.<br />
<br />
Step 3: Setting up the VPN with the fingerprint identifier<br />
<br />
Start the VPN Client program with the integrated identification module by running C:\VPN\FingerVPN.exe; the VPN program is activated and a red icon (disconnected) appears in the taskbar, as in Figure 6:<br />
Double-click this icon and the VPN authentication program appears, as in Figure 7.<br />
<br />
Figure 6. VPN icon not yet<br />
<br />
[Figure 7 screenshot: login form with user name and password fields and Log in, Cancel, Disconnect and Reconnect buttons]<br />
Figure 7. VPN authentication program.<br />
<br />
[Figure 8 screenshot: "Fingerprint identification" dialog reading "Please place your finger on the scanner and wait for the result" and "Checking ID 1, score: 466", with a Cancel button]<br />
Figure 8. Checking the user's fingerprint biometric<br />
<br />
Activate the fingerprint scanning function by choosing the corresponding button; the identification module is activated and asks the user to place a finger on the reader, as in Figure 8.<br />
The reader program checks the received sample against the samples in the database and returns the corresponding score; the higher the score, the more accurate the received sample. The score is 0 when the two samples are completely different.<br />
In the case of a correct identification, the system displays a notification and sets up a VPN session with the VPN Server, as in Figure 9.<br />
When the VPN session is set up successfully, the VPN icon turns green, as in Figure 10.<br />
In Figure 10, the VPN Server has assigned the demo machine the internal IP address 10.170.72.21L [...] the demo machine can now access the [...] layer, as in the example ping command to the internal address [...]<br />