Unlock instant, AI-driven research and patent intelligence for your innovation.

Fast switch and authentication fusion method based on IPSec

A fusion method and fast handover technology, applied in the fusion field of fast handover and authentication, can solve problems such as difficult application, vulnerability to man-in-the-middle attacks, and unprotected IKEv2 protocol messages, and achieves improved security, reduced handover delay, and high efficiency. The effect of efficiency

Active Publication Date: 2011-03-30
XIDIAN UNIV
View PDF0 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0024] 1. IPSec is limited to the use of fixed networks, and it is difficult to apply in the mobile IP environment. Mobile IPv6 only uses IPSec to protect signaling between the mobile node MN and the home agent HA;
[0025] 2. IPSec cannot provide the function of authenticating the MN handover process in the mobile IPv6 network;
[0026] 3. The first two messages of the IKEv2 protocol are not protected and are vulnerable to man-in-the-middle attacks;

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Fast switch and authentication fusion method based on IPSec
  • Fast switch and authentication fusion method based on IPSec
  • Fast switch and authentication fusion method based on IPSec

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0059] refer to figure 1 , in the IPSec-based fast handover and authentication fusion method provided by the present invention, the communication mechanism adopted is the way of combining hierarchical mobile IPv6 and fast handover. The feature of using hierarchical mobile IPv6 is that the mobile node can reduce the number of times of binding update registration with the home agent and the communication peer during handover, and improve the handover efficiency. A mobile anchor point (MAP) is set in each area, which can be a router of any level in the hierarchical MIPv6 network (including the access router of the subnet), and the mobile anchor point is called the home anchor point when it is in the home network ( HMAP), called the local anchor point OMAP when in the home network, the anchor point of the new network that the mobile node will switch is called the new access anchor point (NMAP), these anchor points have the function of mobile agent, and manage the mobile node in T...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention belongs to the network security field, relates to an authentication method for solving communication and registering security problems when mobile nodes and communication opposite terminals in a mobile IPv6 network are carried out on link switching in communication process, in particular to a fusion method based on the rapid switching and authentication of IPSec. The invention is characterized in that: the mobile nodes and communication opposite terminals are communicated through adopting home address IPSec protocol and rapid layer mobile IPv6 protocol; the mobile nodes adopt fixed home address; the network nodes carries out certificate authority to the home address; the mobile nodes establishes IPSec connection with MAP when carrying out access registrar to mobile anchor points; the IPSec connection is established among adjacent MAP; when carrying out link switching, the mobile nodes comprises intra-area switching and inter-area switching. The method raises security, reduces time delay of switching, has high efficiency and realizes the fusion of rapid switching and authentication in a good way.

Description

technical field [0001] The invention belongs to the field of network security, and relates to an authentication method for solving communication and registration security when a mobile node and a communication peer in a mobile IPv6 network switch over a link during the communication process, especially the integration of fast switching and authentication based on IPSec method. technical background [0002] Among mobile IP technologies, networking based on IPv6 protocol has incomparable advantages over IPv4 protocol in terms of supporting mobility, solving security problems, achieving high service quality, and providing sufficient address space. The Internet Engineering Working Group IETF formally proposed the mobile IPv6 protocol, RFC3775, in June 2004 on the basis of IPv6. This protocol has greater advantages than IPv4 protocol in supporting mobility, solving security problems, realizing high service quality, and providing sufficient address space. However, due to the rel...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Patents(China)
IPC IPC(8): H04W12/04H04W12/06H04W28/14H04W80/04H04L12/56H04W12/041H04W12/069H04W12/63
Inventor 董庆宽李小平刘彦明王海白丽娜
Owner XIDIAN UNIV