Design of University Resource Website and Security Measures in IPV6

Publications

Share / Export Citation / Email / Print / Text size:

International Journal of Advanced Network, Monitoring and Controls

Xi'an Technological University

Subject: Computer Science , Software Engineering

GET ALERTS

eISSN: 2470-8038

DESCRIPTION

0
Reader(s)
0
Visit(s)
0
Comment(s)
0
Share(s)

SEARCH WITHIN CONTENT

FIND ARTICLE

Volume / Issue / page

Archive
Related articles

VOLUME 3 , ISSUE 1 (May 2018) > List of articles

Design of University Resource Website and Security Measures in IPV6

Chunmei Li * / Peng Cui * / Xinke Zhou * / Ze Xiao *

Keywords : IPV6, Address Binding, Decision Tree

Citation Information : International Journal of Advanced Network, Monitoring and Controls. VOLUME 3 , ISSUE 1 , ISSN (Online) 2470-8038, DOI: 10.21307/ijanmc-2018-011, May 2018 © 2018.

License : (CC-BY-NC-ND-4.0)

Published Online: 07-May-2018

ARTICLE

ABSTRACT

In this paper authors introduced the overall design of learning resource sharing platform in the pure IPv6 environment, including the client and the web server and the back-end database, and the user management, the detailed design of the three aspects of resource management platform and administrator management. Finally authors introduced application of decision tree in this website.

Graphical ABSTRACT

I. INTRODUCTION

With the development of computer technology, people’s work style, lifestyle changes, the increasing demand for computer networks, and the rapid increase in the number of Internet users, making the urgent increase in IPv4 address requirements. The existing ipv4 address has long been unable to meet the demand. After the depletion of IPv4 address in Asian, Latin America, Europe and the United States and other regions, on September 24, 2015, North America also declared IPv4 address were exhausted, leaving only a small amount of the African region [1]. In order to maintain the use of ipv4 addresses, there are technologies such as NAT[2] (network address translation) technology, VLSM (variable long subnet mask) technology[3], CIDR[4] (no class interdomain routing) which can not solve the fundamental problem of IPv4 address depletion. So the technology translates from IPv4 to IPv6 and IPV6 environment in a variety of applications have been carried out in the world research, Japan and other countries in the study of IPV6 new technology has been at the forefront of the world.

IPv6 address is 128 bits, which can represent the great address space, good scalability, better quality of service (Qos), security, mobility and improve the efficiency of routing and other characteristics [5]. China has started the next generation of Internet Demonstration Project (CNGI) project in 2003, one of the countries with relatively advanced global start and multiple IPv6 addresses, but the use of IPv6 addresses is far behind, The conversion of IPV4 and IPV6 uses three techniques, namely, dual-station protocol technology[6], tunneling technology[7][8] and translation technology (also called protocol conversion technology)[9]. At present, the most widely used technology is dual station technology.

In this paper, IPV6[10][11] itself is inherently safe, the address is unique, the address is wide and the transmission speed is fast. In the pure IPV6 environment, it is proposed to develop the campus learning resource sharing platform based on ipv6, which can realize the upload of various learning resources Download, in order to achieve the real learning resources to share, as a common progress, learn from each other, to discuss each other, so as to improve the quality of teaching, improve teaching effectiveness.

II. THE OVERALL DESIGN OF LEARNING RESOURCE SHARING PLATFORM

A. Overall design

The learning resource sharing platform is divided into two modules: client and server, As shown in figure 1.

Figure 1.

Overall design

10.21307_ijanmc-2018-011-f001.jpg

The learning resource sharing platform[12] is divided into two types of users: learners and administrators, learners upload and download and browse learning resources, communicating with each other through the message board; administrators of learning materials and message content audit, management[13]. The general function of the system for the user is to upload learning materials and the corresponding description of the data, after the review by other users can download the use of the user after the use of the data can be evaluated, feedback to the platform of the message board.

All users who have registered in this platform can upload and download student resources. Before uploading, you need to verify the IPv6 address and user identity. The uploaded resources need to be audited before being downloaded. Resources need to be feedback and evaluation after downloading resources. The development of the above platform is and the use of pure ipv6 environment is carried out.

B. Detailed Design

1) User Management

User registration and login

Users can register through the registration web page on the platform to become a user member of the platform. In this case, the user’s IP address should be obtained and bound with its account. After success of the registration, the user can login through the login web page on the platform. After logging in, you can upload, download, play online and message and other operations. Unregistered or unregistered users can browse the resources on this platform, but they can’t do the above operations. They can only use it before logging in.

Account management

Users can use the personal information web page to view the current user’s registration information. In the meanwhile, we can update the user’s property or modify the password through the web page. Of course, for the user who forget the password, they can log in the web page to find the password to jump to modify the page to modify. When the login account is different form the last login ipv6 address, we can determine whether the new ipv6 the address is the same to the old. If it is, we allowed to continue to log in; if not in the same network account, prompts him to answer questions, the answer is correct, allowing it to continue to visit; otherwise, continue to answer questions, three times to prevent access to this Law to prevent non-I upload illegal information, or to prevent non-I am injected into the illegal operation of virus files to protect the safety of users and resources.

C. Resource management

The platform is a resource sharing platform which needs to cover all aspects of teaching resources. The platform in accordance with the discipline of resources classification, and real-time update resources. The main functions of it are: upload, download, online, message and so on.

1) Resource upload and download

Users can upload the various forms of resources, whose types are not limited. For example, you can upload Word documents, PPT courseware, Flash animation and video resources. The suffix of the resource can be. Doc, .ppt, .zip, .rar, .swf and .TIF and so on. Only the resource information of the resource file is stored in the database. The website provides the resource download service according to the resource path. The uploaded resource file is usually stored in a subdirectory under the root directory of the website. Users can only release resources after log in. Users can fill out the information of the resource name, detailed information and other information. When users publish resources to determine whether the user’s IPv6 address and the registration of the IPv6 address in the same network, if the same network, the user can upload data, if not in the same network, you need to answer specific questions to ensure the safety and reliability of users and resources.

Users can download the various forms of resources on the platform, each resource below the corresponding download. After the user clicks the download button, the download box will pop up, the path will be selected to click to start the download, and the user can select the default download path. After the completion of access to the appropriate path to view resources.

2) Resources online browsing

Users can browse some of the resources in the system, that is, you can browse the resources online without downloading. Users simply click on the play button below the resource, you can browse online. For users who do not have the button to play, the user can only download and browse.

3) Message module

The user can comment on a resource, they can also reply to the resources of other users to ask questions, in order to achieve the purpose of interactive learning; users can delete their own message, the administrator can delete the message, the message can not be edited.

D. Administrator management

Administrators can view, upload, download, delete resources, they can set the upload resource size limit, for the user to upload the resources for review, pending approval before the resource can be used. At the same time the administrator can also view, send and delete messages.

Of course, as with the user to upload resources, the administrator login after the implementation of administrative authority before the need for IPv6 authentication to determine the administrator’s IPv6 address and the registration of the IPv6 address is the same network segment. If they are in same network segment, the management administrator can perform administrative privileges, and if it is no longer in the same network segment, the administrator needs to answer specific questions to perform administrative privileges. Thus ensuring that the administrator himself is in operation to prevent others from maliciously executing administrator privileges. To ensure the safety of system operation.

III. SECURITY MEASURES FOR LEARNING RESOURCE SHARING PLATFORM OF IPV6

A. The characteristics of IPv6 ensure the safety of network resources

Because IPv4 is just a simple network interworking protocol, a large number of security issues are not considered in, and IPv6 achieves IP-level security. Ipsec is a series of security protocols that define the security services used at the Internet layer. Features of it includes data encryption, access control to network elements, data source address verification, data integrity checking, and replay prevention. IPv6 includes IPSec protocol, which can protect users from some network attacks[14].

B. A huge resource of IPv6 addresses makes it possible to determine the one-to-one relationship between users and addresses

Since an IPv6 address is 128 bits, theoretically there are 2 ^ 128 different IPv6 addresses. So basically it is guaranteed that everyone has a unique IPv6 address. This guarantees a true one-to-one correspondence between the user and the IP address. IPv6 does not support subnet masks. It only supports subnet prefix identification. The IPv6 prefix uses an address prefix similar to the CIDR mechanism in IPv4 addresses. IPv6 uses address prefixes to identify networks, subnets, and routes. The IPv6 address is divided into two parts: the subnet prefix and the interface identifier [15].

C. IPv6 address and user information binding

One-to-one relationship between users and addresses ensure each user has a unique IPv6 address. This makes it possible to bind ip addresses to user information. The purpose of binding user information and user IP address is when you login next time, we can determine whether the same person in operation. If the user login address is same as the last ip address, then at least we can ensure the user or authorized others are operating. If it is not my own operations, then we can confirm whether it is himself by asking questions, if the answer is incorrect, only allow users to browse, but not allow other upload or download or leave a message and other operations. Thus the system ensure the security of user information, but also protect the network resources and management of the security.

D. Application of Decision Tree Algorithm in Security Assurance

When the user register, we will get the user’s IPv6 address and bind the user’s information to their IPv6 address. When the user login again, we first determine whether the user’s IPv6 address and the IPv6 address bound to it are in a campus network. If the user is in the same campus network, we use method1. The user can directly upload data, download resources, learn online, message interaction and other operations. If not in the same campus network to determine whether in a city. If they are in a city, then we use the method2, the user needs to enter the verification code, the verification code is correct, continue to use method1. If they are not in a city, we determine whether it is the national address, if it is from other domestic cities ipv6 address, then we use the method3, the user answered specific questions, if the problem is correct he can continue to access, we use method 1, or only have the right to browse or directly denied access to this site. This to ensure the safety of users, the safety of learning resources and management of the safety and reliability, this to ensure the safety of the entire learning resources platform. We analyzed ipv6 address in the experiment and divided into four categories in Table 1 below, and four kinds of ipv6 addresses for different treatment. In this process, if the ipv6 address is wrong, the website will direct denial of access after prompt error. In general, there will not be wrong ipv6 address, ipv6 address in the ipv6 library are automatically obtained by the system.

TABLE I.

FOUR TYPES IPV6 ADDRESS

10.21307_ijanmc-2018-011-tbl1.jpg

Therefore, we firstly classified ipv6 address based on the address of the library. Of course, for each user ipv6 library, the ipv6 address is not the first time that the address of the application, but each time you use the address of these four categories ways to accumulate statistics, what kind of login the most frequently used, the data in the ipv6 library will be updated to the most frequently used ipv6 address. Based on the classification process, the decision tree [16] is used to make the classification decision. The decision tree is as follows:

Figure 2.

Processing decision tree

10.21307_ijanmc-2018-011-f002.jpg

IV. CONCLUSION

The resources provided by the website include images, text, video and other types, the content is not limited to the school curriculum knowledge. Rich and comprehensive learning resources for students to provide class and extracurricular learning opportunities. Based on the realization of ipv6 makes the site security, user and resource security has greatly improved. The speed of access and download makes it unnecessary to wait for too long. The binding of IPv6 address and user information makes the user upload the resource reliability to ensure the security of the user, the security of the learning resource and the security of the management And reliability, thus ensuring the safety of the entire learning resource platform. The resources of the learning resource sharing platform and user and information reliability determine the utilization of the platform, is a major supplement to school teaching, improve the quality of teaching and teaching results.

ACKNOWLEDGMENT

Thanks for fund surpporting by the project :The next generation of Internet innovation projects in the SEIR network, fund number: NG1120160503

References


  1. Zhu Shuang. September North America IPv4 address exhausted [J]. China Education Network, 2015 (11): 43–43.
  2. J. Clerk Maxwell, A Treatise on Electricity and Magnetism, 3rd ed., vol. 2. Oxford: Clarendon, 1892, pp. 68–73.
  3. Sun Zhongting. NAT technology to solve the problem of IP address shortage [J]. Computer and network. 2013 (20): 67–69.
  4. Wang Ning. VLSM technology in the application of IP address management [J]. Computer CD-ROM software and applications. 2010. 5: 41–42
  5. Li Ruijun. CIDR-based network IP address planning and application [J]. Journal of Changchun Normal University (Natural Science Edition). 2014.10.33 (5): 33–36.
  6. Xia Feng. Research and Implementation of Key Technology of Distance Education System Based on IPv6 [J]. Journal of Xi’an Jiaotong University, 2014.
  7. Guo-Liang Han, Cong-Xiao Bao, Xing Li. A scalable and efficient IPv4 address integration approach in IPv6 transition scenarios [J]. Frontiers of Information Technology & Electronic Engineering. August 2015, Volume 16, Issue 8, pp 634–645.
    [CROSSREF]
  8. Wu Zhaoxiong, Liang Xiongxiong. Using the GRE Tunneling Technology to Access the Meteorological Local Area Network Method [J]. Guangdong Meteorology. 2016.4.38 (2): 73–76.
  9. Cheng Si, Cheng Jia-Xing. Research on Tunneling Technology in VPN [J]. Computer Technology & Development. 2010.2.20 (2): 156–159.
  10. Gao Zheng-Ming, Zhao Yong, Bao Wei-Hua. Technology and Realization of PROFIBUS DP / PA Network Protocol [J]. Instrumentation Standardization and Metrology. 2014.4: 25: 27.
  11. Li Changhua, Cui Chenzhou, etc. IPv6 technology in astronomy research cloud computing environment application [J]. Journal of Computer Applications. 2016, 36 (S1): 25–28.
  12. Ge Jingguo, Mi Wei, Wu Yulei. IPv6 transition mechanism: research review, evaluation index and deployment considerations [J]. Journal of Software 2014.4: 896–912.
  13. Huang Zhang-Shu, Li Bao-Yu, Chen Cui-Ping. Design of Customer Knowledge Sharing Resource Library Platform Based on Cloud Computing [J]. Modern Information. 2015.4.35 (4): 69–74.
  14. Zhang Tao. IPv6 a number of security issues [D]. Chinese Academy of Sciences Graduate School (Institute of Software), 2005.
  15. Liu Haifeng, Wang Lixin. Implementation of IPv6 video on demand system based on Think PHP framework [J]. Journal of Jilin Institute of Engineering Technology, 2016, 32 (2): 74–76.
  16. Qing Hui. IPv6-based multicast technology and application system research [D]. Wuhan University of Technology, 2008.
  17. Zhou Dangdang, Su Yong. Television Ratings Prediction Research Based on Decision Tree.
XML PDF Share

FIGURES & TABLES

Figure 1.

Overall design

Full Size   |   Slide (.pptx)

Figure 2.

Processing decision tree

Full Size   |   Slide (.pptx)

TABLE I.

FOUR TYPES IPV6 ADDRESS

Full Size   |   Slide (.pptx)

REFERENCES

  1. Zhu Shuang. September North America IPv4 address exhausted [J]. China Education Network, 2015 (11): 43–43.
  2. J. Clerk Maxwell, A Treatise on Electricity and Magnetism, 3rd ed., vol. 2. Oxford: Clarendon, 1892, pp. 68–73.
  3. Sun Zhongting. NAT technology to solve the problem of IP address shortage [J]. Computer and network. 2013 (20): 67–69.
  4. Wang Ning. VLSM technology in the application of IP address management [J]. Computer CD-ROM software and applications. 2010. 5: 41–42
  5. Li Ruijun. CIDR-based network IP address planning and application [J]. Journal of Changchun Normal University (Natural Science Edition). 2014.10.33 (5): 33–36.
  6. Xia Feng. Research and Implementation of Key Technology of Distance Education System Based on IPv6 [J]. Journal of Xi’an Jiaotong University, 2014.
  7. Guo-Liang Han, Cong-Xiao Bao, Xing Li. A scalable and efficient IPv4 address integration approach in IPv6 transition scenarios [J]. Frontiers of Information Technology & Electronic Engineering. August 2015, Volume 16, Issue 8, pp 634–645.
    [CROSSREF]
  8. Wu Zhaoxiong, Liang Xiongxiong. Using the GRE Tunneling Technology to Access the Meteorological Local Area Network Method [J]. Guangdong Meteorology. 2016.4.38 (2): 73–76.
  9. Cheng Si, Cheng Jia-Xing. Research on Tunneling Technology in VPN [J]. Computer Technology & Development. 2010.2.20 (2): 156–159.
  10. Gao Zheng-Ming, Zhao Yong, Bao Wei-Hua. Technology and Realization of PROFIBUS DP / PA Network Protocol [J]. Instrumentation Standardization and Metrology. 2014.4: 25: 27.
  11. Li Changhua, Cui Chenzhou, etc. IPv6 technology in astronomy research cloud computing environment application [J]. Journal of Computer Applications. 2016, 36 (S1): 25–28.
  12. Ge Jingguo, Mi Wei, Wu Yulei. IPv6 transition mechanism: research review, evaluation index and deployment considerations [J]. Journal of Software 2014.4: 896–912.
  13. Huang Zhang-Shu, Li Bao-Yu, Chen Cui-Ping. Design of Customer Knowledge Sharing Resource Library Platform Based on Cloud Computing [J]. Modern Information. 2015.4.35 (4): 69–74.
  14. Zhang Tao. IPv6 a number of security issues [D]. Chinese Academy of Sciences Graduate School (Institute of Software), 2005.
  15. Liu Haifeng, Wang Lixin. Implementation of IPv6 video on demand system based on Think PHP framework [J]. Journal of Jilin Institute of Engineering Technology, 2016, 32 (2): 74–76.
  16. Qing Hui. IPv6-based multicast technology and application system research [D]. Wuhan University of Technology, 2008.
  17. Zhou Dangdang, Su Yong. Television Ratings Prediction Research Based on Decision Tree.

EXTRA FILES

COMMENTS