| WMN, a new type of wireless network, is capable to provide mesh clients with multiple routes featuring flexible configuration, convenient deployment, large capacity and good robustness, all of which facilitate to meet the demands of clients. However, in the application, certain security issues, for instance, wiretapping, DoS, information falsification and the like, emerge more and more, due to its openness during the data transmission. And this kind of problems is still suspended, although some solutions existing such as 802.11s/i protocol and other based-on-routing-technolo-gy ones could protect wireless mesh network in a certain way in which actually problems are not cracked thoroughly. Although, the government, considering the safe condition of the network in our country, has put forward WAPI security protocol, which is better to meet the needs of information security by the public, the WAPI still needs to be perfected when applied to wireless mesh network. To solve the problem, a centralized authentication test system based on S-WAPI is developed referring to wireless mesh network at last.In the paper, at first, background of WMN, its structure and related critical technologies are introduced, and comparative analysis with other related networks are done to indicate its value in the application. And then, the WAPI is introduced completely, especially principle and work flow of authentication and data security, with focus on diagnosing the bugs of it, and corresponding solutions are formulated, such as making digital signature before clients sending their data packages can prevent from denying, sending key exchange request first by Ap node instead of STA node can prevent from DoS, confirming the key produced in the process of key consulting can prevent from wasting resource of the network, and optimizing the structure of digital certificate appropriately can make coding and decoding more efficiently. After that, the theoretical analysis result is given, and the framework of certification server based on S-WAPI protocol, authentication module, encryption and decryption module, and corresponding database are designed, all of which work well in independent occasions of the lab.Finally, a centralizing authentication system based on S-WAPI referring to wireless mesh network is developed, and some tests are done. In the tests, packets in authenticating process are got with the help of Netfilter while encrypted data and decrypted data are output by adding output program. Both test result and analysis indicate that the S-WAPI basically solves the shortcomings brought about in the process of applying the WAPI in wireless mesh network, and achieves the expected goals. Meanwhile, a preliminary S-WAPI program based on distributed authentication system is discussed, which would be a direction for the research in the future. |
PDF Full Text Request