一个可切实服务于运营商的移动无线因特网

本文在简单介绍了移动IP及其路由优化，无线局域网（WLAN）和GPRS的基础上，提出了一个新的利用移动IP来融合WLAN和GPRS的移动无线因特网的网络结构，详细论述了其多连接的路由过程，平滑垂直切换，AAA，并做了简要的性能分析。     

Diameter NASREQ协议在卫星移动通信系统中的应用研究

如何对接入网络的用户进行身份认证、授予相应权限并进行计费,是卫星移动通信系统网络管理需解决的重要问题。简要介绍认证、授权、计费(AAA)的基本概念,分析Diameter协议框架、协议原理以及协议应用于网络接入的特点。阐述协议中包含的各种应用,给出Diameter NASREQ应用的一种系统模型。重点研究Diameter NASREQ协议在卫星移动通信系统中的应用,详述应用中客户机和服务器中各模块的功能和工作原理。通过分析,说明该应用的可行性及有效性。     

基于perl维护网络设备本地认证帐号的方法

大型网络运行着许多网络设备,网管员可以采用本地认证方式来登录到这些设备进行相关操作。对于大量设备和帐号信息,可使用Excel表来管理,但这些帐号信息必须同步到相关设备才有意义,若采用手工方式来同步既繁琐又费时。针对这个问题,借助perl脚本程序,基于该Excel表,对这些网络设备的用户帐号进行维护,不失为一种可行方法。     

移动IP的注册

3G网络正逐步向全IP网络演进,在这样的网络中,移动IP将被广泛使用。支持移动IP的终端可以在注册的家乡域中移动,或漫游到其他外地域。当终端要接入到网络,并使用所提供的各项业务时,就需要严格的AAA（验证、授权、计费）过程。AAA服务器要对移动终端进行认证,授权允许用户使用的业务,并收集用户使用资源的情况,以产生计费信息。     

基于Diameter的移动IPv6 AAA系统研究

针对移动IPv6 AAA的特点、要求和存在的问题,提出一个基于Diameter协议的移动IPv6 AAA系统的解决方案.该方案除了支持多种EAP认证方式、支持域间漫游及计费功能外,还支持各种接入技术,具有小的移动节点的切换延迟和高的认证安全性.     

Development of Self-Configuring Simulation System for Propelling AAA Fire Control

In this paper, the overall structure design of the Ethernet-based and distributed simulation system for propelling （AAA） fire control is proposed with introducing the concept of system self- configuring pattern. The advantage of this system self-configuring pattern is easy and flexible to configure the modules of the simulation system without doing much more reprogramming work, when the simulation system is needed to add or reduced the modules and simulation computers, and the scale of simulation system is needed to changed. Also the system is structured with standardized and modularized design procedures on the Windows OS platform.     

一种基于Diameter协议的NAS模型

随着日益复杂的路由器和网络接入服务器大量投入使用,使得当前AAA协议在安全性和稳定性上的缺点日益明显。基于Diameter、EAP和PANA协议,设计了一个础诅接入服务器模型。该模型覆盖了Diameter NASREQ应用和EAP应用、PANA协议中PAA和EP的功能,以及EAP协议中认证者的功能。对原型系统进行了系统测试,测试结果表明,原型系统基本实现了Diameter、EAP和PANA协议对网络接入服务器的要求,具有较好的安全性和稳定性。     

IP address allocation protocols in vehicular ad hoc networks

In vehicular ad hoc networks (VANETs), communication takes place between vehicles to vehicles, the vehicles to the road side units, and vice-versa. The basic purpose of these communications is to share and exchange tremendous amount of data and information. For efficient information sharing, a systematic and structured connection establishment algorithm is needed. In VANETs, each connected node of the network need to be assigned a unique address. Hence, an algorithm is needed for the proper assignment of unique address to all nodes in the network. This paper explains different types of IP address protocols in VANETs. We have also explained advantage and disadvantage of existing IP address allocation protocols in VANETs.     

PANA与Diameter协议结合的体系结构

通过分析Diameter协议和PANA在工作模式及协议结构方面的结合性,提出一套将两者结合使用的完整方案,包括两者结合点关键设备的体系结构和基于Open Diameter开源软件包的实现方法。实验结果证明,该方案可以满足网络系统对认证、授权、计费的复杂要求。     

Providing EAP-based Kerberos pre-authentication and advanced authorization for network federations

Kerberos is a well-known standard protocol which is becoming one of the most widely deployed for authentication and key distribution in application services. However, whereas service providers use the protocol to control their own subscribers, they do not widely deploy Kerberos infrastructures to handle subscribers coming from foreign domains, as happens in network federations. Instead, the deployment of Authentication, Authorization and Accounting (AAA) infrastructures has been preferred for that operation. Thus, the lack of a correct integration between these infrastructures and Kerberos limits the service access only to service provider's subscribers. To avoid this limitation, we design an architecture which integrates a Kerberos pre-authentication mechanism, based on the use of the Extensible Authentication Protocol (EAP), and advanced authorization, based on the standards SAML and XACML, to link the end user authentication and authorization performed through an AAA infrastructure with the delivery of Kerberos tickets in the service provider's domain. We detail the interfaces, protocols, operation and extensions required for our solution. Moreover, we discuss important aspects such as the implications on existing standards.