| At the beginning of the 21st century, as the mainstream of current computer technologies, post-PC is becoming more and more important. Therefore, significant research activities have been seen in the embedded system development, especially embedded networks development, which is the main part of post-PC. Embedded networks require access to the Internet to form embedded micro-internet, so that many services such as remote data collection, remote monitoring, remote maintenance, e-mailing, file transfer and industrial automation can be available on embedded micro-internet. Because of convenient information exchanges and Internet's extending into embedded systems, information security thus also becomes one of the most important concerns in the embedded systems development.To meet this requirement, a secure embedded networks system has been implemented based on IPSec protocol and current key technologies of real-time embedded networks. And some researches on improvements of embedded system's performance and reliability have been carried out. Finally some probably useful suggestions have also been proposed. The article is composed of 4 parts.Part 1 ( chapter 2 ) introduces the principle of real-time embedded system and embedded-networking system, including their characteristics and requirements. The status in quo and the development trend of real-time embedded-networking system is also introduced.Part 2 ( chapter 3 and 4 ) analyzes and designs the embedded-networking system based on Intel 386EX, VRTX RTOS and USNET. It includes chip selection, schematic circuit design, CPU selection and configuration, startup of the system, selection and configuration of embedded operation system, selection and configuration of TCP/IP software. It also describes some driver programming techniques of network controller.Part 3 ( chapter 5 and 6 ) briefly introduces encryption technology and the IPSec protocol system, including architecture, mode, security association, security policy, implementation mode, processing of in/out packet, ESP(encapsulation security payload), AH(authentication header), IKE(internet key exchange) etc. The security requirements of embedded-networking is also analyzed.Part 4 ( chapter 7 ) is about the study of highly efficient implementation of IPSec. Firstly, it narrates processing of in/out packet, constructing SPD(security policy database) and SADB(security association database), studying IKE, realizing the module of encryption algorithm by modifying USNET. Secondly, it introduces some ways to improve the capability of the whole system that has implemented IPSec. Finally, it brings forward a new plan on the capability improvement of the whole system.
|
PDF Full Text Request