發(fā)布時間：2018-01-30 11:09

  本文關(guān)鍵詞： 安全協(xié)議 通用認(rèn)證架構(gòu) 密鑰協(xié)商 端到端安全 機(jī)器類型通信　出處：《西安電子科技大學(xué)》2014年碩士論文　論文類型：學(xué)位論文

【摘要】：隨著移動網(wǎng)絡(luò)的發(fā)展，，建立在其上面的應(yīng)用也越來越多，用戶和應(yīng)用服務(wù)器之間的安全更加受到關(guān)注，因此很多應(yīng)用都需要在用戶端和應(yīng)用服務(wù)器之間實現(xiàn)端到端安全。GAA(Generic Authentication Architecture)架構(gòu)提供了一種通用的鑒權(quán)機(jī)制，它定義了如何將蜂窩網(wǎng)絡(luò)安全基礎(chǔ)設(shè)施用來提供用戶和服務(wù)器之間通用認(rèn)證服務(wù)的標(biāo)準(zhǔn)，避免了為每一種服務(wù)都提供獨有的認(rèn)證，解決了不同用戶和應(yīng)用服務(wù)之間的雙向認(rèn)證問題。但是在應(yīng)用服務(wù)器通信受限和MTC（Machine Type Communication）通信兩種網(wǎng)絡(luò)環(huán)境下，如果使用GAA認(rèn)證，則會造成認(rèn)證效率低下，認(rèn)證時延增大。如果出現(xiàn)這種情況，將會使得服務(wù)質(zhì)量無法得到保障。 本文針對這兩種通信環(huán)境分別提出了端到端方案，對于應(yīng)用服務(wù)器通信受限下的研究，基于Needham-Schroeder協(xié)議的框架提出了改進(jìn)的認(rèn)證方案，解決了這種網(wǎng)絡(luò)環(huán)境下的認(rèn)證問題。對于MTC通信環(huán)境下的研究，將批量驗證技術(shù)應(yīng)用到MTC通信應(yīng)用層上，緩解了MTC通信的認(rèn)證信令擁塞問題。對兩個方案的分析表明本文提出的方案性能良好，安全性達(dá)到了應(yīng)用需求。上述方案不僅彌補(bǔ)了GAA認(rèn)證在兩種網(wǎng)絡(luò)環(huán)境下的不足，而且縮短了認(rèn)證時延，提高了認(rèn)證效率。
[Abstract]:With the development of mobile network, more and more applications are built on it, and the security between users and application servers is more and more concerned. As a result, many applications need to implement end-to-end security between the client and the application server. Architecture provides a common authentication mechanism. It defines the standard of how to use cellular network security infrastructure to provide generic authentication services between users and servers, avoiding the provision of unique authentication for each service. Resolves bidirectional authentication between different users and application services. But in application server communication is limited and MTC(Machine Type communication). Communication in two network environments. If GAA authentication is used, the authentication efficiency will be low and the authentication delay will increase. If this happens, the quality of service will not be guaranteed. In this paper, end-to-end schemes are proposed for these two communication environments, and the application server communication constraints are studied. Based on the framework of Needham-Schroeder protocol, an improved authentication scheme is proposed to solve the authentication problem in this network environment. Batch verification technology is applied to MTC communication application layer to alleviate the problem of authentication signaling congestion in MTC communication. The analysis of the two schemes shows that the proposed scheme has good performance. The above scheme not only makes up for the deficiency of GAA authentication in two network environments but also shortens the authentication delay and improves the authentication efficiency.
【學(xué)位授予單位】：西安電子科技大學(xué)
【學(xué)位級別】：碩士
【學(xué)位授予年份】：2014
【分類號】：TP393.08

【參考文獻(xiàn)】

相關(guān)期刊論文 前2條

1 薛銳;馮登國;;安全協(xié)議的形式化分析技術(shù)與方法[J];計算機(jī)學(xué)報;2006年01期

2 張方國,王常杰,王育民;基于橢圓曲線的數(shù)字簽名與盲簽名[J];通信學(xué)報;2001年08期

本文編號：1476093