摘要
在3GPP提出的3G与WLAN融合方案的基础上,针对EAP-AKA认证方法中存在的虚假AP攻击,用户私密信息泄露等安全问题,提出了一种EAP-TTLS-AKA认证方法。此方法实现了UE对WLAN接入网的认证,在UE和WLAN接入网之间建立了安全认证隧道,并在安全认证隧道中实现UE和3GPP的AKA认证。分析结果表明,此方法有效解决了虚假AP攻击、IMSI信息泄露、中间人攻击等安全问题,具有较高的安全性,同时也保持较低的通信和计算开销。
Based on the 3GPP's 3G and WLAN integration program and the false AP attack in the EAP-AKA as well as the user security issues such as disclosure of private information,an EAP-TTLS-AKA authentication method is presented.This method implements the establishment of the UE authentication of the WLAN access network.The AKA authentication of 3GPP and UE is achieved in the drying tunnels.The results show that this method is an effective solution to the false AP attack,IMSI information disclosure,middle attacks and other security issues.It has high security and maintains low communication and computation overhead.
出处
《电子科技》
2011年第3期108-111,共4页
Electronic Science and Technology