摘要
VPN(虚拟专用网)的安全性是用户首要关注的问题。分析了MPLS(多协议标签交换)VPN的安全保障机制和核心网可能遇到的安全威胁,在此基础上提出了安全改进方案并进行了实验验证。在核心网中,BGP(边界网关协议)邻居间采用MD5(信息摘要算法第五版)鉴权机制,LDP(标签分发协议)邻居间采用GTSM(通用TTL安全机制)。该方案同时考虑了安全性与处理复杂度问题,经验证可以很好地加强MPLS VPN核心网的安全性。
In Virtual Private Networks (VPN), security is a performance that the users are most concerned about. This paper analyzes the security guarantee mechanism for Multi-Protocol Label Switching (MPLS) VPN and the possible security risks that the core networks may encounter. On this basis, it proposes an improved program and verifies it in experiments. In the core networks, Message-Digest algorithm 5 (MD5) is adopted among Border Gateway Protocol (BGP) neighbors and the Generalized TTL Security Mechanism (GTSM) for the Label Distribution Protocol (LDP) neighbors. Taking security and complexity both into consideration, this program is proved to be effective in enhancing the security of MPLS VPN core networks.
出处
《光通信研究》
北大核心
2013年第1期5-7,共3页
Study on Optical Communications
