计算机工程 ›› 2007, Vol. 33 ›› Issue (01): 151-152.doi: 10.3969/j.issn.1000-3428.2007.01.052

• 安全技术 • 上一篇    下一篇

现代网络安全:SIP网络中的DIAMETER鉴定

达米卡   

  1. (华东理工大学计算机系,上海 200237)
  • 收稿日期:1900-01-01 修回日期:1900-01-01 出版日期:2007-01-05 发布日期:2007-01-05

Modern Internet Security: DIAMETER Authentication in SIP Networks

Dhammika Weerapperuma   

  1. (Department of Computer Science, East China University of Science and Technology, Shanghai 200237)
  • Received:1900-01-01 Revised:1900-01-01 Online:2007-01-05 Published:2007-01-05

摘要: 作为整个现代网络安全的基础,该文提出了验证的概念,它是会话初始化协议(SIP)网络中合并了可扩展认证协议(EAP)验证体系的一种机制。研究表明,SIP验证可以由EAP验证体系进行扩展而现有的AAA基础结构可以为SIP用户再次用于验证。实施验证的过程中使用了DIAMETER基础协议。这个基本协议工具使用低权目录访问协议(LDAP)而且必须使用接口,DIAMETER网络访问服务器请求(NASREQ)应用命令码的一个子集和AVP以在运行中实现扩展验证协议(EAP)传输。

关键词: RADIUS, DIAMETER, 会话初始化协议, 网络访问服务器请求, 可扩展认证协议

Abstract: With undertaking the entire basis for the modern Internet security, authentication; a mechanism is proposed here which incorporates the EAP authentication framework to SIP (session initiation protocol) network. This paper shows SIP authentication can be extended via EAP (extensible authentication protocol) authentication framework and existing AAA (authentication, authorization and accounting) infrastructure can be reused for authentication of SIP users. The authentication is implemented using DAIAMETER base protocol. The base protocol tools using lightweight directory access protocol (LDAP) interface must be used, and subset of the DIAMETER NASREQ (network access server request) application command code and AVP must be used for extensible authentication protocol (EAP)transport while implementation.

Key words: RADIUS, DIAMETER, SIP, NASREQ, EAP