移动IPv6下认证、授权和计费的实现方案

提出了移动IPv6下与现有的IPsec共存的AAA实现方案，解决了移动IPv6使用中出现的问题。该实现方案采用增加的移动选项结合AAA服务器实现移动节点的认证授权。     

移动IP与SIP集成应用中优化的AAA过程

在移动IP和SIP分别实现网络层和应用层移动性管理的多层多协议移动性管理方案中,当两种协议独立进行AAA操作时,存在缺乏效率的问题。为解决该问题,提出优化方案——“移动IP与SIP集成应用中优化的AAA过程”(OAPIMS)。在新一代AAA协议Diameter环境下,通过移动注册时,对两种协议的操作信令进行优化,减少了信令交互次数,达到提高效率的目的。分析表明,该方法可以明显降低信令开销,减少时延,提高系统性能。     

集成AAA的HMIPv6认证与注册方案

在下一代互联网中,需要使用AAA保证网络安全和网络资源合理使用,但是AAA与移动IPv6的结合,对切换性能及网络安全带来影响,而切换与安全是移动环境的关键问题。论文提出了新的解决方案,将HMIPv6与AAA结合,实现认证与注册过程的统一及本地认证,提高切换性能,并在注册与认证的过程中对消息进行加密,保证传输的安全。分析表明,本方案实现了AAA机制与移动管理机制安全高效的融合。     

一个可切实服务于运营商的移动无线因特网

本文在简单介绍了移动IP及其路由优化，无线局域网（WLAN）和GPRS的基础上，提出了一个新的利用移动IP来融合WLAN和GPRS的移动无线因特网的网络结构，详细论述了其多连接的路由过程，平滑垂直切换，AAA，并做了简要的性能分析。     

AAA在移动IP中的应用探讨

移动IP解决了移动节点在不改变IP地址的情况下的漫游问题,移动节点在漫游时,外地域通过AAA 服务器对其进行安全认征、授权、计费。本文探讨了一种AAA下移动IP的认证注册方案。在注册过程中利用公钥和对称密钥实现移动节点和网络的双向认证。     

基于扩展邻居发现协议的嵌套移动网络路由优化方案

嵌套移动网络在扩大通信范围的同时会带来严重的路由优化问题。针对已有优化方案在可部署性和性能等方面的不足提出了一种新的嵌套移动网络路由优化方案（NMNRO）,通过扩展邻居发现协议,在嵌套移动网络内通告相同的外地前缀,并更新接入路由器的邻居缓存和移动路由器的路由表,然后通过向对端发送绑定更新来实现路由优化。性能分析表明,该方案为嵌套移动网络提供了较为完整的路由优化方案,在降低优化开销的同时,具有较好的可部署性和兼容性。仿真实验结果表明该方案具有较低的切换时延和较高的有效吞吐量,且这些性能优势会随嵌套层数的增加而更加明显。     

基于移动IPv6的安全研究

本文针对移动IPv6家乡注册和通信节点注册这两个过程的安全问题,以及目前的解决方案IPSec和RRP在应用中的一些问题,提出了一种改进的绑定更新方案,利用802.1x和AAA技术实现了该方案的一部分。     

下一代网络智能认证、授权和计费问题研究

用户在接入网络和使用网络服务时,过多的账号对身份认证、授权和计费(AAA)带来不便,并且许多网络服务提供商因没有合适的AAA手段而发展受限。针对上述问题,提出智能AAA的方案,设计了智能AAA的结构,并采用了基于SOAP的安全断言(SAML)来解决智能AAA与其它服务提供商信息交互的问题,最后给出了完整的身份认证流程。分析表明,智能AAA可以对用户的认证、授权和计费做到统一智能管理,为用户和网络服务商带来很大的便利。     

移动IP中AAA体系的研究

本文在介绍移动IP结构和原理的基础上,详细论述了AAA体系,尤其是在移动IP大规模商用化过程中所起的重要作用.最后提出了一种可供运营商在现实中采用的AAA体系,它的特点是分等级的用户身份验证以及网间结算.     

开放无线接入网AAA功能实现方案

本文在分析开放无线接入网(RAN)体系结构中安全功能的基础上,针对其中的认证、授权和计费(AAA)功能,结合IETF的AAA体系结构的比较,提出了开放RAN体系结构中AAA功能的实现方案。     

OFDM系统中采用自适应天线阵列的下行分组调度算法研究和性能比较

基于OFDM下行系统,提出并比较了自适应天线阵列和分组调度算法结合的三种方式:(1)分组调度选择用户,自适应天线服务用户;(2)自适应天线参与选择用户,并且服务用户;(3)空分方式选择用户,自适应天线服务用户.仿真结果显示自适应天线阵列可以明显提高小区吞吐率等指标,并且(2)和(3)的性能优于(1).     

AAA: a survey and a policy-based architecture and framework

The commercialization of the Internet has led to a large variety of business models based on Internet technology. Therefore, the demand for standardized and efficient solutions in support of reliable, secure, open, and flexible remote and mobile service accesses has increased. Existing authentication, authorization, and accounting systems still consider dedicated cases, but lack a generic approach. More general AAA services can be built by extending existing mechanisms and protocols for access scenarios other than dialup or PPP connections. While this work is performed mainly by the IETF AAA Working Group, another approach proposed by the IRTF AAAArch Research Group is termed AAA Architecture. This article surveys the state of the art in AAA and develops a new generic policy-based approach, A/sup x/, for AAA services and beyond, considering flexible levels of various services in an Internet service model, ranging from connectivity to content services.     

AAA architecture for mobile IPv6 based on WLAN

Mobility support for Internet devices is quite important for consumer electronics. The number of the hand‐held devices is growing quickly. However, there are not enough IP addresses for the number of the rapidly growing devices in the All‐IP generation. Internet Protocol version 6 (IPv6) was therefore adopted to solve these problems. Our purposed structure is based on IEEE 802.11. However, IEEE 802.11 has a serious security drawback. Further, from the Internet Service Providers' point of view, accounting is a potential problem. A mechanism combining Mobile IPv6 and AAA based on IEEE 802.11 to overcome these problems is essential. Both Internet Protocol version 4 (IPv4) and IPv6 support IP security (IPsec) when data packets are exchanged across the IP network. IPsec operates at the IP layer. It can support system authentication and authorization, However, it lacks a system accounting function. Therefore ISPs cannot establish correct billing for their services. This is the reason why we chose to combine the wireless network and AAA functions. In this paper, the AAA mechanism is used to protect security, with the architecture having authentication, authorization, and accounting functions. We will discuss the benefits of AAA and state the reason why we choose to combine AAA with the mobility architecture. Copyright © 2004 John Wiley & Sons, Ltd.     

下一代互联网AAA认证系统演进过程研究

分析了IPv6的3种过渡技术,并结合2种过渡技术提出了下一代互联网AAA认证系统演进策略,即第一阶段实现IPv6属性支持、第二阶段实现IPv4和IPv6双栈化、第三阶段实现IPv6单栈化。     

ID-Based User Authentication Scheme for Cloud Computing

In cloud computing environments, user authentication is an important security mechanism because it provides the fundamentals of authentication, authorization, and accounting (AAA). In 2009, Wang et al. proposed an identity-based (ID-based) authentication scheme to deal with the user login problem for cloud computing. However, Wang et al.'s scheme is insecure against message alteration and impersonation attacks. Besides, their scheme has large computation costs for cloud users. Therefore, we propose a novel ID-based user authentication scheme to solve the above mentioned problems. The proposed scheme provides anonymity and security for the user who accesses different cloud servers. Compared with the related schemes, the proposed scheme has less computation cost so it is very efficient for cloud computing in practice.     

Hybrid multilayer mobility management with AAA context transfer capabilities for all-IP networks

This article presents a multilayer mobility management scheme for all-IP networks where local mobility movements (micro-mobility) are handled separately from global movements (macro-mobility). Furthermore, a hybrid scheme is proposed to handle macro-mobility (mobile IP for non-real-time services and SIP for real-time services). The internetworking between micromobility and macro-mobility is implemented at an entity called the enhanced mobility gateway. Both qualitative and quantitative results have demonstrated that the performance of the proposed mobility management is better than existing schemes. Furthermore, a context transfer solution for AAA is proposed to enhance the multilayer mobility management scheme by avoiding the additional delay introduced by AAA security procedures.     

A frame synchronization method for adaptive array antennas in digital mobile communications

This paper proposes a frame synchronization method for an adaptive array antenna (AAA) used in digital mobile communications. The proposed scheme, which is based on the maximum likelihood estimation (MLE), calculates error signals by subtracting a training sequence convolved with an estimated channel impulse response from the AAA outputs and searches for the timing that minimizes the mean squared errors. Because the proposed scheme can effectively exploit delayed paths of the desired signal, it can improve the synchronization performance on frequency-selective fading channels. Computer simulations show that the proposed scheme can operate properly even in interference-rich fading environments and that it can significantly improve the synchronization performance.     

AAA authentication for network mobility

Network mobility (NEMO) is a protocol proposed for the mobility management of a whole network.It offers seamless Internet connectivity to the mobile end users.However,the NEMO protocol has not been wid...