本文選題：移動IPv6 + 安全　； 參考：《云南大學》2016年碩士論文

【摘要】：IPv6作為未來互聯(lián)網通信的關鍵技術,其無比龐大的地址庫可以有效解決IPv4地址短缺這一難題。而其對移動性的支持也保證其應用范圍更加廣泛,除了傳統(tǒng)通信外,其還可應用于物流網、智能家居、智能汽車和智能可穿戴等領域。但隨著其部署的展開,服務質量、切換延遲以及安全方面的問題都突顯了出來。特別是安全方面,由于其支持移動性這一特點導致其面臨的安全威脅更加復雜。移動IPv6當前使用的安全策略一般是IPSec協(xié)議和RRP方法,分別用于保證移動節(jié)點在家鄉(xiāng)代理上和通信節(jié)點上的注冊安全。但是在實際部署過程中由于協(xié)議本身的缺陷等原因導致安全性和部署的難度并不能很好的平衡。要保證移動IPv6通信的安全,最基本的便是保證其移動節(jié)點綁定注冊的安全。因此對于如何保證移動IPv6中移動節(jié)點與家鄉(xiāng)代理之間的通信安全的研究是很有必要的。本文首先詳細介紹了移動IPv6的原理、工作機制、相關術語和改進的技術,并與移動IPv4進行了對比。然后對移動IPv6中可能面臨的威脅列舉介紹,并詳細闡述了IPSec協(xié)議和RRP協(xié)議的工作原理、方法以及流程。在此基礎上提出一種利用傳輸層協(xié)議SSL/TLS和AAA技術來保證移動節(jié)點與家鄉(xiāng)代理之間通信安全的方案。該種方案引入了一個實體并命名為HARR (Home Agent Resolver Router,家鄉(xiāng)代理解析路由),利用這個實體建立移動節(jié)點與家鄉(xiāng)代理之間的安全聯(lián)盟以供其對綁定注冊進行加密性和完整性保護。另外在此基礎上對傳統(tǒng)的RRP過程進行改進優(yōu)化,并定義了一個檢驗模型對優(yōu)化方案進行檢驗,結果是該優(yōu)化方案減少了切換延遲,降低了鏈路時延對整體時延的影響。
[Abstract]:As the key technology of future Internet communication, IPv6's enormous address library can effectively solve the problem of IPv4 address shortage.Besides traditional communication, it can also be used in logistics network, smart home, intelligent automobile and intelligent wearable field.However, the quality of service, handoff delay and security issues are highlighted as its deployment unfolds.Especially in the aspect of security, its security threats are more complicated because of its mobility support.The current security policies used in mobile IPv6 are generally IPSec protocol and RRP method, which are used to guarantee the registration security of mobile nodes on home agent and communication node respectively.However, due to the defects of the protocol itself, the security and the difficulty of deployment are not well balanced in the actual deployment process.To ensure the security of mobile IPv6 communication, the most basic is to ensure the security of mobile node binding registration.Therefore, it is necessary to study how to ensure the communication security between mobile nodes and home agents in mobile IPv6.In this paper, the principle, working mechanism, related terminology and improved technology of mobile IPv6 are introduced in detail, and compared with mobile IPv4.Then the possible threats in mobile IPv6 are introduced, and the working principle, method and flow of IPSec and RRP protocols are described in detail.On this basis, a scheme is proposed to ensure the security of communication between mobile nodes and home agents by using transport layer protocols SSL/TLS and AAA.This scheme introduces an entity named HARR HARR Agent Resolver Router.The home agent resolves routing and uses this entity to establish a security alliance between mobile node and home agent for encryption and integrity protection of binding registration.In addition, the traditional RRP process is improved and optimized, and a test model is defined to test the optimization scheme. The result is that the optimization scheme reduces the handoff delay and the influence of link delay on the overall delay.
【學位授予單位】：云南大學
【學位級別】：碩士
【學位授予年份】：2016
【分類號】：TP393.08
，

本文編號：1742639