摘要
鉴别业务是为下一代网络(NGN)中的各种应用提供安全保障的基本服务,但目前NGN中缺乏其相应的实现机制.通过对鉴别业务在NGN中的位置和需求的分析,提出了一种在NGN中构建鉴别业务的体系结构.并在此基础上,提出了一种利用改进的Kerberos协议作为该体系结构中鉴别机制的实现方案.最后使用BAN逻辑对该协议的正确性进行了证明.
The basic security service for next generation network's application is authentication service. Unfortunately there isn't a suitable authentication mechanism which can realize the authentication service in next generation network (NGN) environment so far. Based on the analysis of authentication service's position and requirement in NGN. An enhanced Kerberos protocol was proposed as NGN's key authentication mechanism. The enhanced Kerberos protocol's validity was finally proved by BAN logic.
出处
《北京邮电大学学报》
EI
CAS
CSCD
北大核心
2005年第1期83-87,共5页
Journal of Beijing University of Posts and Telecommunications
基金
国家"863计划"项目(2003AA121520)
