A kind of implementation method of crossdomain multi-gatekeeper packet network key negotiation security policy, includes following steps: each terminal respectively determines its local security policy via signaling exchange with the gatekeeper it belongs to; according to the security policy of calling terminal and the key support ability of itself, calling gatekeeper determines the key negotiation protocol, and sends out key a negotiation request; called gatekeeper judges that whether it can execute the key negotiation request of the forwarded calling terminal according to the super priority protocol; the calling terminal determines whether continue to carrying out next signaling exchange according to the negotiatory security policy. The security policy implementation method of present invention can negotiate dynamically creditable session key, bind with the call authentication by use of cryptology, and realize the security policy of packet network. The security technology is compatible with exist standards. The dispose of security system is simple, and has no need of assuming of any additional security infrastructure method.
展开▼
