| L2TP下可信的VPN方案设计与实现 |
| |
| 引用本文: | 黄浩,谢冬青.L2TP下可信的VPN方案设计与实现[J].计算机工程,2006,32(20):157-159. |
| |
| 作者姓名: | 黄浩 谢冬青 |
| |
| 作者单位: | 1. 湖南大学计算机与通信学院,长沙,410082
2. 中国科学院软件所计算机科学重点实验室,北京,100081 |
| |
| 基金项目: | 科技部科技成果重点推广项目 |
| |
| 摘 要: | 提出了一个用CA+对称L2TP路由器的模型,该模型身份认证和密钥由数字证书来完成,而加密和数据完整性认证则由L2TP路由器完成。和现有LAC+LNS的接入方案比较,该方案明确和简化了工作内容,并且解决了L2TP隧道内多路呼叫独立安全的问题。L2TP路由器在考虑了Linux内核的特点后,进行架构的设计来完成数据的处理。试验表明该方案兼顾了安全和性能,提供了一个高速可信的VPN解决办法。
|
| 关 键 词: | L2TP CA 数字证书 IPSec UDP |
| 文章编号: | 1000-3428(2006)20-0157-03 |
| 收稿时间: | 11 18 2005 12:00AM |
| 修稿时间: | 2005-11-18 |
Design and Implementation of Authentic VPN Scheme Using L2TP |
| |
| HUANG Hao,XIE Dongqing.Design and Implementation of Authentic VPN Scheme Using L2TP[J].Computer Engineering,2006,32(20):157-159. |
| |
| Authors: | HUANG Hao XIE Dongqing |
| |
| Affiliation: | 1. College of Computer and Communication, Hunan Univ., Changsha 410082; 2. Key Laboratory of Computer Science, Institute of Software, Chinese Academy of Sciences, Beijing 100081 |
| |
| Abstract: | This paper proposes a model using CA plus symmetrical L2TP routers, the digital certificate fulfills identity-authentication and key distribution, the L2TP router fulfills encryption and data-intergrity. Compared with the present method using LAC plus LNS, the scheme distinguishes and simplifies the work, and it solves the problem that multiple calls in a L2TP tunnel are independently secure. After considering the feature of the Linux kenel, it designs the architecture of the L2TP router to deal with VPN data. The experiments show that the scheme gives attention to security and performance, it provides a speedy and authentic VPN solution. |
| |
| Keywords: | L2TP CA IPSec UDP |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
| 点击此处可从《计算机工程》浏览原始摘要信息 |
|
点击此处可从《计算机工程》下载全文 |
|
