With the continuous development of the converged network, the types of equipment increase and each has different device identification. The existing SNMPv3 program by using engineID to identify equipment?s legal status and confirm the security of message transmission can?t meet the safety management for complex equipments in converged network. The concept of device fingerprint is proposed in accordance to specify and mark kinds of equipments in converged network with its structure defined and generation method designed specifically. The local-key generation program based on device fingerprint and the improved authentication and encryption process of network message are described. Experiment by expanding the definition of MIB and dynamically generating device fingerprint show this scheme protecting the security of network communications in the message authentication and encryption process and achieving security management for complex equipments in converged network. Finally, this study analyzes the safety and practicality of using this scheme in converged network.
展开▼