| The packet data service node (PDSN), as the core node for CDMA 2000 system to realize the packet business, supports two ways for mobile station to connect to the Internet: Simple IP and Mobile IP.But the registration data and the packet data of Mobile IP are transferred through the Internet, which is not secure. IPSec is required to protect these data by 3GPP2 .Base on the security requirement of PDSN; the article has been dealt with the two problems: the design and realization of IPSec system; the security problem of Mobile IP.According to the Construction of FreeS/WAN, the IPSec system used in Linux, the article designed and realized the IPSec system fulfilled PDSN .The system is consist of two main parts: The first part is Klips, which can encrypt a decrypt the packet data. The second part is Pluto, which can build the security association (SA). The article described the design and realization process of IKE particularly .Because IKE is the core of IPSec, the article studied the threatener, such as replay attack, IKE faced. The article gave the answer to these problem .The article still introduced the next generation IKE protocol - IKEv2.Mobile IP, as a new technique, to be used large-scale apply to the CDMA 2000 system for the first. This text is detailed to analyze the security request of its protocol with the node's security request, and analyzed the protocol's security mechanism with the important point to realizes.Aim at the practical system to need authentication, authorize and accounting (AAA), this text bring upped a RAIUS/ AAA construction with Mobile IP in the CDMA 2000 system, which can accounting with more backup, and can reduce the negotiation number of times of SA, and increased the efficiency.During the coding, the article designed a memory chain to manage the system memory .It can prevent the revealing efficiently. Once the memory is revealed, it can tell the position quickly... |
PDF Full Text Request