This paper focuses on network access security of mobile Internet, introduces security threats and challenges with which mobile Internet is confronted, analyzes its network architectures and interface proto-cols, presents cross-network unified authentication and authorization technique, and then describes net-work access security requirements. Regarding to EAP-SIM and EAP-AKA security mechanisms, this pa-per investigates the processes of network access authentication and key agreement, as well as every network element and equipment's function in the evolved packet core networks. It is hoped that this study will give protection for authentication, confidentiality, and integrality between user equipment and access network. It also provides available references to building security protection mechanism of mobile Internet.%文中关注移动互联网网络接入安全性,介绍移动互联网面临的安全威胁,研究移动互联网的网络结构和接口协议,提出跨网系的统一认证与授权管理技术,阐述网络接入安全需求,针对EAP-SIM和EAP-AKA两种安全机制,分析网络接入鉴权与密钥协商流程,以及演进分组核心网络各网元设备功能,实现用户和网络之间的认证性、机密性和完整性的安全防护,为移动互联网网络安全体制建设提供理论依据与技术支撑。
展开▼
