本文選題：移動(dòng)IPv6 + 安全�。� 參考：《云南大學(xué)》2016年碩士論文

【摘要】：IPv6作為未來(lái)互聯(lián)網(wǎng)通信的關(guān)鍵技術(shù),其無(wú)比龐大的地址庫(kù)可以有效解決IPv4地址短缺這一難題。而其對(duì)移動(dòng)性的支持也保證其應(yīng)用范圍更加廣泛,除了傳統(tǒng)通信外,其還可應(yīng)用于物流網(wǎng)、智能家居、智能汽車和智能可穿戴等領(lǐng)域。但隨著其部署的展開(kāi),服務(wù)質(zhì)量、切換延遲以及安全方面的問(wèn)題都突顯了出來(lái)。特別是安全方面,由于其支持移動(dòng)性這一特點(diǎn)導(dǎo)致其面臨的安全威脅更加復(fù)雜。移動(dòng)IPv6當(dāng)前使用的安全策略一般是IPSec協(xié)議和RRP方法,分別用于保證移動(dòng)節(jié)點(diǎn)在家鄉(xiāng)代理上和通信節(jié)點(diǎn)上的注冊(cè)安全。但是在實(shí)際部署過(guò)程中由于協(xié)議本身的缺陷等原因?qū)е掳踩院筒渴鸬碾y度并不能很好的平衡。要保證移動(dòng)IPv6通信的安全,最基本的便是保證其移動(dòng)節(jié)點(diǎn)綁定注冊(cè)的安全。因此對(duì)于如何保證移動(dòng)IPv6中移動(dòng)節(jié)點(diǎn)與家鄉(xiāng)代理之間的通信安全的研究是很有必要的。本文首先詳細(xì)介紹了移動(dòng)IPv6的原理、工作機(jī)制、相關(guān)術(shù)語(yǔ)和改進(jìn)的技術(shù),并與移動(dòng)IPv4進(jìn)行了對(duì)比。然后對(duì)移動(dòng)IPv6中可能面臨的威脅列舉介紹,并詳細(xì)闡述了IPSec協(xié)議和RRP協(xié)議的工作原理、方法以及流程。在此基礎(chǔ)上提出一種利用傳輸層協(xié)議SSL/TLS和AAA技術(shù)來(lái)保證移動(dòng)節(jié)點(diǎn)與家鄉(xiāng)代理之間通信安全的方案。該種方案引入了一個(gè)實(shí)體并命名為HARR (Home Agent Resolver Router,家鄉(xiāng)代理解析路由),利用這個(gè)實(shí)體建立移動(dòng)節(jié)點(diǎn)與家鄉(xiāng)代理之間的安全聯(lián)盟以供其對(duì)綁定注冊(cè)進(jìn)行加密性和完整性保護(hù)。另外在此基礎(chǔ)上對(duì)傳統(tǒng)的RRP過(guò)程進(jìn)行改進(jìn)優(yōu)化,并定義了一個(gè)檢驗(yàn)?zāi)Ｐ蛯?duì)優(yōu)化方案進(jìn)行檢驗(yàn),結(jié)果是該優(yōu)化方案減少了切換延遲,降低了鏈路時(shí)延對(duì)整體時(shí)延的影響。
[Abstract]:As the key technology of future Internet communication, IPv6's enormous address library can effectively solve the problem of IPv4 address shortage.Besides traditional communication, it can also be used in logistics network, smart home, intelligent automobile and intelligent wearable field.However, the quality of service, handoff delay and security issues are highlighted as its deployment unfolds.Especially in the aspect of security, its security threats are more complicated because of its mobility support.The current security policies used in mobile IPv6 are generally IPSec protocol and RRP method, which are used to guarantee the registration security of mobile nodes on home agent and communication node respectively.However, due to the defects of the protocol itself, the security and the difficulty of deployment are not well balanced in the actual deployment process.To ensure the security of mobile IPv6 communication, the most basic is to ensure the security of mobile node binding registration.Therefore, it is necessary to study how to ensure the communication security between mobile nodes and home agents in mobile IPv6.In this paper, the principle, working mechanism, related terminology and improved technology of mobile IPv6 are introduced in detail, and compared with mobile IPv4.Then the possible threats in mobile IPv6 are introduced, and the working principle, method and flow of IPSec and RRP protocols are described in detail.On this basis, a scheme is proposed to ensure the security of communication between mobile nodes and home agents by using transport layer protocols SSL/TLS and AAA.This scheme introduces an entity named HARR HARR Agent Resolver Router.The home agent resolves routing and uses this entity to establish a security alliance between mobile node and home agent for encryption and integrity protection of binding registration.In addition, the traditional RRP process is improved and optimized, and a test model is defined to test the optimization scheme. The result is that the optimization scheme reduces the handoff delay and the influence of link delay on the overall delay.
【學(xué)位授予單位】：云南大學(xué)
【學(xué)位級(jí)別】：碩士
【學(xué)位授予年份】：2016
【分類號(hào)】：TP393.08
，

本文編號(hào)：1742639