摘要
基于局域网协议架构的可信网络接入认证受局域网协议的缺陷限制,如网络扩容受限、缺乏端端安全保护、不可靠UDP传输以及无失败恢复机制等问题,目前仅能在小规模局域网应用。针对局域网可信网络接入认证的缺陷和广域网可信接入认证的应用需求,提出了一种基于Diameter协议基础架构的可信接入认证方法,包括协议流程和网络架构设计,具备广域网部署应用、可信度量特征可细腻度粒化以及端到端安全保护等特征。
Currently,trusted network access authentication based on the LAN protocol architecture is limited by the defects of the LAN protocol,such as limited network expansion,lack of end-to-end security protection,unreliable UDP transmission,no failure recovery mechanism,and other problems.And it can only be applied in small-scale local area networks at present.Aiming at the defects of LAN trusted network access authentication and the application requirements of WAN trusted access authentication,a trusted access authentication method based on the Diameter protocol infrastructure is proposed.This method involves protocol process and network architecture design,and has the characteristics of wide area network deployment and application,reliable measurement features,fine granularity and end-to-end security protection.
作者
杨帆
杨玉发
李春林
YANG Fan;YANG Yu-fa;LI Chun-lin(No.30 Institute of CETC,Chengdu Sichuan 610041,China)
出处
《通信技术》
2020年第10期2495-2500,共6页
Communications Technology
基金
四川省科技计划资助(No.2017GZDZX0002)
四川省科技计划资助(No.2018JY0377)。
