共查询到15条相似文献,搜索用时 125 毫秒
1.
2.
SS7是通信网的神经系统,对通信网络的运行发挥着重要的核心作用。介绍了SS7协议的模型,分析了SS7的第2级——MTP2的功能和过程,详细阐述了如何利用OPNET实现MTP2层功能的过程。 相似文献
3.
七号信令系统的安全性设计 总被引:2,自引:0,他引:2
在Internet和电信网络攻击事件日益频繁的情况下,由于七号信令(SS7)协议是完全公开的,SS7的各层消息也是完全透明的,因而需要考虑信令网的安全性设计问题。介绍了SS7底层的安全脆弱性,提出基于消息传递单元(MSU),采用类似于Internet中IKE与IPSec的信令密钥交换及信令安全封装协议,以解决SS7的安全性问题。 相似文献
4.
PKMv2协议研究 总被引:1,自引:0,他引:1
IEEE 802.16的安全子层采用了认证客户端/服务器密钥管理协议,在该协议中基站(服务器)能够对分发给客户端SS的密钥进行控制.IEEE 802.16系列标准的安全性主要基于PKM协议.在初始授权密钥交换期间,BS使用基于数字证书的SS认证对客户端SS进行认证.PKM协议使用公钥密码技术建立SS与BS之间的共享密钥,SS也使用PKM协议支持周期性重认证和密钥更新.文章首先分析了PKMv2中安全子层的协议栈,然后给出了相互认证、授权密钥生成和安全认证的流程.同时,从支持的认证算法、安全关联种类和加密算法等方面将PKMv2和PKMv1进行了比较,并对PKMv2可能存在的安全威胁进行了详细的分析. 相似文献
5.
七号信令网络安全威胁及防御框架 总被引:3,自引:0,他引:3
信令网络作为通信网络的神经系统,其安全威胁问题日益得到重视.从七号信令网络对外开放接口的角度,分析了SS7网络的潜在安全威胁,对SS7网络安全威啄进行了分类.结合网络安全防护的基本原则,并参考互联网安全模型给出了针对SS7网络的安全防御框架. 相似文献
6.
7.
No.7信令系统(SS7)是公用电话网的关键支撑系统,SS7网络最初作为封闭网络来设计的,整个网络由运营商完全控制,各实体高度信任。文章分别针对该系统的信令协议、网络节点和来自外部网络的安全威胁进行了分析,并从协议安全、边界防护和内部安全加固三个方面提出了构建信令系统防护体系的方案。 相似文献
8.
提出了一套基于RADIUS协议实现IEEE802.16a安全子层功能的方案。根据这个方案,建立一个专用的RADIUS服务器作为统一的认证服务器,BS把收到的来自SS的身份认证请求用UDP包发给RADIUS服务器,由后者完成相应的身份认证、授权及密钥生成的任务。引入RADIUS服务器的好处就在于能减轻BS的处理负担,使得网络在大量SS存在的情况下仍然能稳定的运行。 相似文献
9.
七号信令系统(SS7)以其高效率,灵活性正在深入数字电话交换同和ISDN实验同中。随着SS7的开通,对其测试、维护的需求日益迫切。本文遵照CCITT1988年1月颁布的七号信令测试规范修正草案,就故障检测工具提出七号信令协议分析仪的设计思想,讨论了两种设计方案,对实现过程中遇到的问题给出了有效的解决办法。 相似文献
10.
11.
Jabbari B. 《Proceedings of the IEEE. Institute of Electrical and Electronics Engineers》1992,80(4):607-617
The routing and congestion control function of Signaling System No.7 (SS7) are described. The elements of the SS7 protocol functional division include message transfer part (MTP), signaling correction control part (SCCP), ISDN user part (ISUP), and transaction capabilities (TC). The routing function, which takes place at the MTP and SCCP, and the congestion control function, which is present in multiple layers, are discussed. This includes MTP level 2, MTP level 3 by signaling traffic flow control procedures, and flow control for connection-oriented services of SCCP. To illustrate the unique capabilities present in SS7, the routing and congestion control functions in SS7 are compared to other common connectionless network layers. Performance considerations in routing and congestion control are discussed 相似文献
12.
Congestion controls in SS7 signaling networks 总被引:1,自引:0,他引:1
13.
从无线链路与ATM网络2方面阐述了第3代移动通信系统的安全问题,重点讨论了将安全层置于ATM协议栈中不同位置时所对应的4种方案,并据此提出了一种可行的ATM安全协议结构. 相似文献
14.
This paper provides a detailed architecture and demonstration system for a new combined Worldwide Interoperability for Microwave Access (WiMAX) and Dedicated Short Range Communications (DSRC) network layer design for providing Internet access to vehicles. The overall design consists of subscriber station (SS) vehicles, cluster head relay station (RS) vehicles, WiMAX base stations (BSs), and Internet access gateways (IAGs). Here RSs serve as intermediate relays for serving virtual WiMAX connections to SS vehicles, relying on a WiMAX backend network for Internet connectivity. Simulation results show that our proposed system significantly improves the overall system efficiency as compared to the conventional WiMAX-only system, motivating a design of a complete WiMAX/DSRC Internet access architecture. The first main focus of this paper is on the layer 3 network protocol (L3NP) operating between the access concentrator (AC) in the SS instances and the Network Server (NS) component of an IAG, which provides Internet service to user applications. The second main focus of this paper is on the WiMAX backend network protocol (WBNP) and backend connection networking for handling traffic between the BS nodes and the IAG node providing the L3NP service to the vehicles. Finally, the third main focus of this paper is on the demonstration system design which takes all of the above mentioned elements, namely SS, RS, BS, and IAG modules, network entry functionality, to network protocol settings and behaviour, and implements them in an object-oriented design for accurate scenario performance and feasibility testing. The demonstration system implements tunnelling of protocols in the same way as an actual implementation, but uses virtual network devices for each module to facilitate communications. We provide example use cases for using our proposed architecture design with our provided demonstration system to serve as a useful tool to vehicular communications and networking engineers/researchers, that can be reconstructed and adapted as needed for derivative designs and scenarios. 相似文献
15.
GSM与CDMA移动信令差异分析与消息解码 总被引:1,自引:0,他引:1
本文介绍GSM MAP与CDMA MAP之间的差异问题,以及所涉及的协议差别,着重介绍它们在TCAP层的差异及解码.有利于我们实现MAP信令监测系统以及更好地理解信令监测结果,对于更好地维护、管理和优化移动网络,提高网络运行质量具有重要意义. 相似文献