针对Split场景下,MIP6认证与授权服务器分离时的授权问题,提出了一种基于diameter协议的方案。授权服务器在授权MIP6服务时,先通过认证服务器对移动节点进行身份认证,然后为移动节点和MIP6服务提供者建立信任关系,完成授权过程。本文还采用BAN逻辑对协议的安全性进行了形式化证明,并比较分析了本协议的性能。分析表明本协议比同类协议更高效。% According to the authorizing issues when the authentication and authorization servers are separated in mip6,this paper gives a secure authorization solution based on diameter protocol.When the authorization server authorizes MIP6 service to the mobile node,it communicates with the authentication server to verify the mobile node, and then it sets up a trust relationship between the mobile node and the home agent.This paper also proves the security of authorization solution using BAN logic,and compares the performance of this solution with other related solution.
展开▼
