Design And Implementation Of Access Authentication Protocol For Mobile Node In The New Internet

The Internet has become an indispensable infrastructure for human life and work,the dedicated network based on TCP/IP protocol has also been widely used.However,the inherent defects of TCP/IP protocol caused by multiple semantic problems of IP address have begun to make negative impacts on the construction,management and application of dedicated network.Therefore,develop New Internet which can meet the requirements of dedicated network has become more and more important.In New Internet,the access authentication protocol for mobile node is an important part of network security.After studying the existing authentication mechanisms domestic and overseas,this paper proposes a mobile node access authentication protocol based on the New Internet unicast identification communication protocol and the mobile node handover protocol.Firstly,this paper introduces the current research on the authentication mechanisms domestic and overseas,then analyzes the advantages and disadvantages of existing solutions.Secondly,this paper introduces related mechanisms in New Internet,such as the networking model,the definition of the home domain and the outer domain,and the mobile node handover mechanism.Then,the advantages and identification process of the Tri-element Peer Authentication are described in detail.Based on above mechanisms,this paper designs a New Internet mobile node access authentication protocol in which the requirements of dedicated network and the characteristics of mobile node are considered.In the designing of the protocol,this paper describes the design ideas,registration process,initial access process,re-authentication process,and message format of access authentication machanism,and the security of protocol is analysed.According to the content of the protocol,this paper designs an access authentication system used in New Internet,which including three functional entities includes mobile node,access switch router and authentication center.Each functional entity consists of several functional modules,such as a registration module,an authentication processing module and a communication module.As mentioned above,the registration and authentication stipulated in the protocol are completed,and the bidirectional authentication between the three functional entities is realized.The authentication system is completed by C language in Linux system,and tested in laboratory environment.It is verified that the proposed scheme is achievable and could meet the requirements.Finally,the work of this paper is summarized,and the prospects of future work is put forward.