期刊文献+
任意字段
题名或关键词
题名
关键词
文摘
作者
第一作者
机构
刊名
分类号
参考文献
作者简介
基金资助
栏目信息

一种基于IKE协议的移动VPN安全通信方案 被引量:5

Secure Communication Scheme of Mobile VPN Based on IKE Protocol
下载PDF
导出
摘要 实现移动终端的安全接入、移动通信的安全传输是智能移动终端普及和移动业务扩展的重要环节。以保证移动数据安全交换为目的,针对移动终端接入企业内网所面临的安全问题,提出了一种移动VPN(Virtual PrivateNetwork)通信方案。方案对IPSec VPN的IKE(Internet Key Exchange)协商流程进行了改进,能支持多因子认证和基于角色的访问控制。分析和实验测试证明了方案的安全性和可行性。 The security access control of mobile terminals and secure transmission of mobile data play an important role for the widespread usage of mobile intelligent terminals and the extension of mobile service. According to the security problem when mobile terminals access intranet, this paper put forward a secure communication scheme of mobile VPN with the aim of security exchange for mobile data. The scheme improved the negotiation process IKE protocol which is one of the important protocols in IPsec protocol suite, and the scheme can support multifactor authentication and role based access control. The results of theoretical analysis and experiments demonstrate the practicability and the security of our scheme.
作者 舒明磊 谭成翔 谭博
机构地区 同济大学电信学院计算机系
出处 《计算机科学》 CSCD 北大核心 2010年第5期84-86,共3页 Computer Science
基金 国家"863"计划基金项目(2006AA01Z438)资助
关键词 IPSEC VPN 移动安全接入 IKE 多因子验证 IPSec virtual private network Mobile secure access Internet key exchange protocol Multifactor authentication
分类号 TP393.08 [自动化与计算机技术—计算机应用技术]
  • 相关文献

参考文献12

  • 1DAVISCR 周永彬 冯登国 李德权 译.IPSec VPN的安全实施[M].北京:清华大学出版社,2002..
  • 2Columbitech A B. Columbitech Wireless VPN technical Description [EB/OL]. http://www. columbitech, com/Products/WVP N. asp,2004.
  • 3Rao G. NET6 Hybrid-VPN Gateway [EB/OL]. http://www. citrix.it/REPOSITORY/docRepository/id_900_1112979921897309. pdf.2004.
  • 4Cisco Systems. Enterprise Mobile Wireless Data Solutions 1.0, White paper [EB/OL]. http://www, ciseo, com/en/US/netsol/ns341/ns396/ns177/networking_solutions white paper09 186a00802252b2. shtml. Aug. 2003.
  • 5BirdStep Corp. Introducing Birdstep Intelligent Mobile IP, v2. 0 Universal Edition [EB/OL]. http://www. birdstep, com/Products/Birdstep/Birdstep-Intelligent-Mobile-IP, 2004.
  • 6Nokia Inc. White Paper: The Evolution of Mobile VPN and its Implications for Security[EB/OL]. http://www, nokia, com/ NOKIA_COM_1/About_Nokia/Press/White_Papers/pdf_files/whitepaper_evolutionofmobilevpn.pdf.2005.
  • 7欧阳凯,周敬利,夏涛,余胜生.基于SSL VPN接入机制的研究[J].计算机科学,2005,32(5):59-63. 被引量:7
  • 8Rosenbaun G,Lau W,J ha S. An analysis of virtual private network solutions [J]. Local Computer Networks, 2003, 10: 395- 404.
  • 9Harkins D, Carrel D. The Internet Key Exchange (IKE)[S]. IETF,RFC 2409,Nov. 1998.
  • 10Bore|la M S. Methods and protocols for Secure Key Negotiation Using IKE [J].IEEE Network,2000,14(4): 18-29.

二级参考文献29

  • 1W. Aiello, S.M. Bellovin.Just Fast Keying (JFK)[Z].draft-ietf-ipsec-jfk-00.txt.
  • 2Niklas Hallqvist, Angelos Keromytis.Implementing internet Key Exchange(IKE)[Z]. 1948-1952.
  • 3D McDonald, C Metz and B Phan.PF_KEY Key Management API, Version2[S]. RFC2367,1998.
  • 4Harkins D,Carrel D. The internet key exchange (IKE)[S].RFC2409,1998.
  • 5Kent S,Atkinson R.Security architecture for the internet protocol[S].RFC2401, 1998.
  • 6Michael S Borella.Methods and protocols for secure key negotiation using IKE[J]. IEEE Network July/August 2000:18-29.
  • 7Zhou J.Further analysis of the Internet key exchange protocol[J].Computer Communications 2000, 23: 1606-1612.
  • 8Radia Perlman,Charlie Kaufman.Key exchange in IPSec:analysis of IKE[J].IEEE Internet Computing November/December, 2000: 50-56.
  • 9Niels Ferguson,Bruce Schneier.A cryptographic evaluation of IPSec[EB/OL]. Available Online at http://www.counterpane.com/ipsec.html, April 1999.
  • 10Maughan D,Schertler M,Schneider M and Turner J.Internet security association and Key management protocol[S].RF2408,1998.

共引文献13

同被引文献44

  • 1宋文功,杨培敏.基于IPSec和SSL的嵌入式网络安全应用研究[J].微计算机信息,2007,23(23):37-39. 被引量:2
  • 2任彦,苏伟,张思东,张宏科.移动网络中IPsec-VPN的构建与性能分析[J].北京交通大学学报,2005,29(5):10-13. 被引量:1
  • 3ZHANG Huanguo WANG Fan.A Behavior-Based Remote Trust Attestation Model[J].Wuhan University Journal of Natural Sciences,2006,11(6):1819-1822. 被引量:10
  • 4杭州华三通信技术有限公司.路由交换第1卷(下册)[M].,2009..
  • 5杨勇,叶梅,张秦艳,初元萍,胡磊.基于ARM的嵌入式Linu)(无线网卡设备驱动研究[J].柱电子学与探测技术,2010.30(4):519.
  • 6孟晓峰,闰宏生向IPv6过渡中的网络安全探析[J].计算机光盘授件与应用,2010.16:72.
  • 7Uskov A V. Information security of mobile VPN: Conceptual models and design methodology [C]//Proceedings of the IEEE International Conference on Electro/Information Technology. Liverpool, United Kingdom: IEEEPress, 2012: 1-6.
  • 8Jian Wang, Haihang Wang, Chengxiang Tan. A mobile security access system based on IPSec VPN [J]. Journal of Computational Information Systems, 2009, 5 (1): 467-472.
  • 9Uskov, Alexander V. information security of ipsec-based mobile vpn: Authentication and encryption algorithms performance [C]//Proceedings of the IEEE 11th International Conference on Trust, Security and Privacy in Computing and Communications. Liverpool, United Kingdom: IEEE press, 2012: 1042-1048.
  • 10Ahmad-Reza Sadeghi, Steffen Schulz. Extending IPsec for efficient remote attestation [G]. Lecture Notes in Computer Science 6054: Financial Cryptography and Data Security, 2010: 150-165.

引证文献5

二级引证文献18

计算机科学
2010年 第5期

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部