期刊文献+
任意字段
题名或关键词
题名
关键词
文摘
作者
第一作者
机构
刊名
分类号
参考文献
作者简介
基金资助
栏目信息

结合信任机制的移动IPv6网络快速跨域认证方法 被引量:9

A Fast Inter-Domain Authentication Method Combining Trust Mechanism in Mobile IPv6 Networks
下载PDF
导出
摘要 在移动IPv6(MIPv6)网络中,当移动用户从外地域接入网络时,家乡域和接入域需要协作实现对移动用户的身份认证,各管理域之间存在域间信任关系是域间协作实现用户身份认证的基础.现有MIPv6网络快速认证方法在实施域间认证的过程中忽略了域间信任关系,由于缺乏域间信任而造成的认证失败在整个认证流程结束以后才能被检测到.提出一种结合信任机制的MIPv6网络快速跨域认证方法,其中在预切换阶段考虑移动用户家乡域和接入域之间的信任关系,通过移动用户和接入网络的一次交互实现用户和接入域的有效双向认证,并设计了域间信任关系的动态维护机制.基于组合公钥(CPK)算法设计了网络实体的身份签名和验证方案,用于加速双向认证过程.理论分析和数值分析结果表明,提出的方案比现有方案在减少总认证切换延时和信令开销方面更有效.同时基于CPK算法的安全性,提出的方案在有效实现用户和网络的双向认证的同时可以保证私钥的保密性和签名的不可伪造性. Abstract In mobile IPv6 networks, when mobile user accesses from a foreign domain, the home domain and the foreign domain should coordinate to perform user authentication. The existence of inter-domain trust relationship among multiple domains is the prerequisite for implementing interdomain user authentication. Current fast authentication methods in mobile IPv6 networks lacks consideration of inter-domain trust relationship when performing inter-domain user authentication. Authentication failure caused by untrustworthiness is not detected until the entire authentication procedure is over. A fast inter-domain authentication method combining trust mechanism for wireless mobile IPv6 networks is proposed, which considers inter-domain trust relationship between mobile user's home domain and the access domain in the pre-handoff procedure and realizes effective mutual authentication between mobile user and the access domain in one round-trip. A dynamic maintenance mechanism for inter-domain trust relationship is also designed. Based on the combined public key algorithm, a signature and verification scheme is designed for network entities, which accelerates mutual authentication process. Theoretical analysis and numerical results show that the proposed method is more effective in reducing total authentication and handoff delay and the signaling overhead than relative methods. Also, based on the security of CPK algorithm, the method is sufficient for privacy and unforgeability in realizing mutual authentication in mobile IPv6 networks.
作者 张娇 张玉军 张瀚文 李忠诚
机构地区 中国科学院计算技术研究所
出处 《计算机研究与发展》 EI CSCD 北大核心 2008年第6期951-959,共9页 Journal of Computer Research and Development
基金 国家自然科学基金项目(90604014)~~
关键词 MIPV6 跨域认证 信任关系 组合公钥 切换 mobile IPv6 inter-domain authentication trust relationship combined publickey handoff
分类号 TP393 [自动化与计算机技术—计算机应用技术]
  • 相关文献

参考文献11

二级参考文献65

  • 1田野,张玉军,刘莹,李忠诚.移动IPv6网络基于身份签名的快速认证方法[J].软件学报,2006,17(9):1980-1988. 被引量:12
  • 2Johnson D, Perkins C, Arkko J. Mobility support in IPv6. IETF RFC 3775, 2004. 被引量:1
  • 3Koodli R. Fast handovers for mobile IPv6. IETF RFC 4068, 2005. 被引量:1
  • 4Le F, Patil B, Perkins CE, Faccin S. Diameter mobile IPv6 application. Internet IETF Draft, draft-le-aaa-diameter-mobileipv6-04,2004. 被引量:1
  • 5Pack S, Choi Y. Pre-Authenticated fast handoff in a public wireless LAN based on IEEE 802.1x model. In: Proc. of the IFIP TC6/WG6.8 Working Conf. on Personal Wireless Communications 2002. 被引量:1
  • 6Kim C, Kim YS, Huh EN, Mun Y. Performance improvement in mobile IPv6 using AAA and fast handoff. In: Proc. of the ICCSA 2004. LNCS 3043, Springer-Verlag, 2004. 738-745. 被引量:1
  • 7Eronen P, Hiller T, Zorn G. Diameter extensible authentication protocol (EAP) application. IETF RFC 4072, 2005. 被引量:1
  • 8Aboba B, Blunk L, Vollbrecht J, Carlson J, Levkowetz H. Extensible authentication protocol (EAP). RFC 3748, 2004. 被引量:1
  • 9Aboba B, Simon D. PPP EAP TLS authentication protocol. RFC 2716, 1999. 被引量:1
  • 10Palekar A, Simon D, Salowey J, Zhou H, Zorn G, Josefsson S. Protected EAP protocol (PEAP) version 2. Internet IETF Draft draft-josefsson-pppext-eap-tls-eap- 10, 2004. 被引量:1

共引文献72

同被引文献110

引证文献9

二级引证文献32

计算机研究与发展
2008年 第6期

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部