| Nowadays the mobile communication has entered the third Generation times, the carrying network of the mobile communication system is developing to flat and all over the IP on the base of the NGN network architecture, with the development of the Internet and the user's increasing demand of the mobile digital services, the concept of mobile Internet was proposed as the main profit growth point in the future, especially the next generation mobile network framework proposed by China Mobile, which is a flat and all over IP mobile carrying network architecture integrating the P2P technology. In this background, the VoIP technology which transfers the voice data through IP datagram and realizes voice calls through the packet switching technology gets vigorous development. Compared with the current extensive used analog circuit communication technology, it has lots of advantages. Such as simpler network structure, more integration of the business, more varied service type, more low cost, easier to attract customs and so on. So it will become the first choice of mobile user's voice calls business in the near future. Although the development trend of the VoIP technology is irreversible, as the inherent security problem of the traditional packet switching mode and the open feature of the future network architecture, VoIP technology faces numerous security problems, the most outstanding are two aspects: one is the security of the terminal access user's indentity and personal information and the other is the trust problem among users.In order to protect the security of the VoIP system user's voice data and personal data, this thesis puts forwards a Two-way user authentication and key agreement protocol based on PKI. This protocol makes full use of the digital certificate of the PKI and it has the advantages of high safety, asymmetric, easy operation and so on. This thesis also analyzes the safety of the protocol and discusses the algorithm negotiation mechanism which is used to protect the confidentiality and integrity of the voice and signaling data in the VoIP system.According to the lack of the mechanism to describe and evaluate the trust relationship among the members of the VoIP system, this thesis proposes a new trust model based on the Bayesian probability prediction theory and the weighted thought. The model describes the node's trust value in several aspects, including the power of the node, online time, history data record and so on. The thesis also gives the calculation formula to calculate the trust model and it's reasoning process and a detailed description of the process to gain, calculate and update of the trust value.The last part of this thesis introduces the design and implementation of the prototype system, especially in detail describing the module partition and working process.Thus verificating the effectiveness and feasibility of the VoIP security mechanism through the realization of the prototype system. |
PDF Full Text Request