通信学报

• 学术论文 •    下一篇

基于改进的diameter/EAP-MD5的SWIM认证方法

吴志军,赵 婷,雷 缙   

  1. 中国民航大学 天津市智能信号处理重点实验室,天津 300300
  • 出版日期:2014-08-25 发布日期:2014-08-15
  • 基金资助:
    国家自然科学基金资助项目(61170328);天津市应用基础与前沿技术研究计划基金资助项目(12JCZDJC20900);中央高校基本科研业务费专项基金资助项目(31122013P007, ZXH2012P004);中国民航大学研究生课程建设基金资助项目(2013)

Authentication method in SWIM based on improved Diameter/EAP-MD5

  • Online:2014-08-25 Published:2014-08-15

摘要: 广域信息管理(SWIM, system wide information management)采用面向服务的体系结构(SOA, service oriented architecture)提供民航信息交互与数据共享功能。在分析SWIM体系结构和基于Diameter协议的EAP-MD5应用子协议基础上,给出标准Diameter/EAP-MD5认证过程中存在的安全隐患,改进了EAP-MD5认证协议,提出基于改进的Diameter/EAP-MD5协议的SWIM用户身份认证方法,研究基于Diameter的SWIM认证服务,并在模拟的SWIM环境中对改进方法进行仿真实验和安全性分析。实验结果表明,改进的Diameter/EAP-MD5认证方法可在计算性能相当的前提下提高SWIM认证系统的安全性,为SWIM安全服务框架的构建提供保障。

Abstract: System wide information management (SWIM) provides the civil aviation information exchange and data sharing function by using service-oriented architecture (SOA). Based on the analysis of SWIM architecture and the sub-protocol EAP-MD5 of Diameter, the security vulnerable of authenticating process in standard Diameter/EAP-MD5 is explored, the EAP-MD5 authentication protocol is improved, and the SWIM authentication service based on Diameter is studied, then the SWIM authentication method based on improved Diameter/EAP-MD5 protocol is proposed. Experiments on the security of SWIM authentication service based on Diameter are performed in SWIM simulation environment, results show that the improved Diameter/EAP-MD5 authentication method can enhance the security of SWIM authentication and guarantee SWIM security service.

No Suggested Reading articles found!