| In order to communicate from anywhere and at anytime, communication networks are transforming form wired/fixed to wireless/mobile ones. What's more, the demand of broad-banded wireless access has gone beyond the capacity of the cell networks. Wireless local area network(WLAN),as a combined product of the network and the wireless communication technology , has attracted continual attention for its convenience, flexibility and cheapness. Nowadays, one application model of WLAN is that built personally of by companies themselves, the other is that built by mobile operators to provide continuous access to public wireless LAN(PWLAN) hot-spot connections. Concerning the openness of the WLAN, the security has become one of the most important obstacles for achieving market improvements. As one part of the research work on security architecture for PWLAN, which is funded by Hi-Tech Research and Development Program of China, this dissertation focuses on technology of foreign roaming and remote access in PWLAN. This dissertation firstly analyzes PWLAN security architecture and technologies, followed by the importance and functions of foreign roaming and remote access technologies in PWLAN, as well as the present research situation and existing problems in these areas;then introduces the basic concept and principle of Mobile IP and VPN, focuses on the tunnel and encryption technology which have close relations with them;and makes a detail research on Linux operating system network architecture and implementations related to this dissertation: Socket API, firewall and access control technology based on iptables, policy routing, tunnel modules and devices, system secure encryption modules and API, and then describes the design scheme of our PWLAN access control system. Secondly we focus on the implementation of Mobile IP in access controller, which includes the mobile node based on windows platform and the integration Home Agent/Foreign Agent with access controller; and the implementation of PPTP and IPSec VPN, which includes authentication, authorize and the network management technology based on SNMP. Finally the dissertation is concerned with constructing a test bed for our Mobile IP system and VPN system respectively. Under the test environment, we analyze every technology parameters of the system in detail. The result demonstrates the validity of the system.
|
PDF Full Text Request