下一代无线网络安全垂直切换的理论与方法研究

项目名称： 下一代无线网络安全垂直切换的理论与方法研究

项目编号： No.61201220

项目类型： 青年科学基金项目

立项/批准年度： 2013

项目学科： 电子学与信息系统

项目作者： 李光松

作者单位： 中国人民解放军信息工程大学

项目金额： 25万元

中文摘要： 本项目针对下一代无线网络涉及的安全垂直切换问题开展系统研究，将链路层和网络层的切换认证与优化技术进行综合考虑，目标是建立一套安全、高效、灵活的垂直切换方法和技术。首先，在统一的安全假设基础上，研究同时支撑链路层、网络层及MIH子层安全机制的密钥管理方案，为各层相关实体分别提供具有兼容性的密钥建立方法和管理机制。其次，利用MIH信息服务研究安全的网络发现机制，基于预授权方法研究跨信任域情况下漫游用户的本地化安全接入协议，利用子网通用转交地址研究本地注册主导的移动IP安全切换技术。最后，应用跨层设计的理论和方法，研究链路层切换认证、新转交地址注册、数据转发等操作多径并行的跨层安全垂直切换协议。我们期望在面向多层安全机制的密钥管理、本地注册主导的移动IP安全切换以及多径并行的跨层安全垂直切换方面取得突破，为下一代无线网络实时业务的广泛应用提供理论和技术支撑。

中文关键词： 异构网络；垂直切换；安全；认证；

英文摘要： This project is about secure vertical handover for next generation wireless networks. Handover authentications and optimizations at link layer and network layer are considered together to design a set of vertical handover methods and techniques with security, efficiency and flexibility. First, based on the same security assumptions, key management scheme is studied to support security mechanisms at multi-layers (i.e. link layer, network layer and MIH sublayer), which will provide different entities at each of the three layers with compatible key establishment methods and key management mechanisms. Second, secure network discovery mechanism is studied using MIH information service, localized secure access protocol is studied based on pre-authorization for inter-domain roaming users, and secure mobile IP handover protocol is studied, featured with localized registration. Finally, cross-layer secure vertical handover protocol is studied based on cross-layer theories and methods, which is characterized by multi-path concurrently executing, namely, link layer authentication, new care of address registration, data forwarding etc. Breakthroughs are expected in key management scheme oriented to multi-layer security mechanisms, secure mobile IP handover protocol featuring localized-registration, and cross-layer secure ve

英文关键词： heterogeneous networks；vertical handover；security；authentication；