Password-based access control is studied, and a secure user authentication model using DES, SHA-512 and the Diffie-Hellman key exchange protocol is proposed. This model not only prevents man-in-the-middle (MiM) attacks, replay attacks, password-guessing attacks and denial-of-service attacks, but also provides perfect forward secrecy. A C/S-based prototype is developed with hook technology.