| With the development of network, users'demand on network changes persistent. Already moved towards application, the IPv6 protocol still lack the mechanism of node real-name identity and global access control, and is unable to realize the both sides identity confirmation and mutual trust, also It's hard to perform global access control and authorization according to host identity. a host real-name architecture based on the HIP protocol can deal with these problems very well.IETF design a new protocol HIP which introduce a new naming space HI to represent the identity of the host, and the IP address is only used for routing. And in order to make the HIP compatible with the current IPv6 network, HIT the hash result of the HI has been introduced.The design of the HIP distinguish the identity of the host from the location information, and makes the security of the mobile host possible. IETF have implemented HIP for testing, but there is not an implementation can get through a public way for other researchers.At first, we analyze the background of HIP, and some basic concepts of HIP are explained. And then, the basic communication process of HIP is analyzed in details, including the process of the setup of secure connection in basic communication, message type, format in basic communication and the transportation process of packets. According to all of the analysis, two schemes of HIP basic communication are presented. By comparing the advantages and disadvantages of these two schemes, we finally choose to implement HIP communication in kernel modules. After that, we design the application procedure interfaces for aware application using C , and analyze important data structures and major functions. In the part of implementation, the software process flow of main messages in basic communication as well as main data structures and main functions are analyzed. In the last part, the test work for native HIP API modules is done and the result is analyzed. |
PDF Full Text Request