Research On Admission & Access Control Of Satellite Network Management System

The satellite networks technology is an inevitable trend of information development in the future.It plays a vital role in the country information security and strategic benefit.The space environment's complexity together with its vulnerability makes it vulnerable to external attack.The admission&control mechanism and access&control mechanism based on satellite networks management have been researched in order to check hostility node to admit the network and check user's unauthorized access the system.The purpose of admission&control mechanism is to prohibit illegal hostility agent node from admitting to the satellite networks management system. In allusion to the peculiarity of satellite network management structure, The diplex admission&control mechanism is put forward that based on security certificate and session key agreement authentication.Through the mechanism the management system can be adaptively adjusting and updating admission&control policy according to the run status in the mechanism. When the satellite agent cross-domain move, through the mechanism can admit to the management station quickly and reduce the interactive number and times between the satellite agent and management station to improve management efficiency.At last,five admission&control service primitives which accord with the ASN.1 standards are designed to accomplish the mechanism and the parameters in the satellite MIB are also further extended.Preventing the network resources from unauthorized use and unauthorized access and ensuring network security is the purpose of access&control mechanism. We put forward an access&control model based on the context environment and trust named CTTRBAC.This model adequately considers the user'behavior, historical behavior regulation and trust value. Not only the user allowed to be authorized to access the resources until its action correspond with the historical behavior regulation and the trust value achieve the demand'level. The access&control mechanism also considers the context running environment of the network management system. According to three satellite network security situations, normal, congestion and emergency, the model adaptive adjust restriction of context conditions and trust to achieve a dynamic access&control.Finally, the paper simulate the satellite-agent's admission&control system and the access&control model. The results show that the authentication based on security certificate and key agreement and the access&control mechanisms named CTTRBAC can meet the secure needs of satellite network management at a certain extent.