摘要
IKE协议是IPSec协议簇的重要组成部分,是IPSec VPN安全传输的先决条件和保证。新版IKE即IKEv2自提出以来就备受业界关注。在研究IKEv2协议的基础上,将公钥基础设施PKI体系引入其中,并针对IKEv2中数据通信的特点,将在线证书状态协议OCSP与IKEv2协议结合起来,设计了一个基于PKI/OCSP的改进型IKEv2协议,从而提高了IPsec VPN系统的运行效率和安全性。
Internet Key Exchange(IKE) is one of the important protocols in IPSec protocol suite,which is the prerequisite and guarantee for secure communication with IPSec VPN.The new version of IKE or IKEv2 has been discussed and concerned by the industry since its introduction.This paper has researched on IKEv2 protocol,and proposed to introduce the public key infrastructure and to combine the techniques of OCSP in cognizance of IKEv2 data communication,improving the efficiency and security of IPSec VPN gateway.
出处
《武汉理工大学学报》
CAS
CSCD
北大核心
2010年第3期105-109,共5页
Journal of Wuhan University of Technology
基金
江苏省自然科学基金(BK2004039)