Design And Realization Of Fast Authentication And Authorization Model Based On MIPv6

With the rapid development of network and the dramatic increase in the number of users, the current IPv4 protocol is facing an embarrassing situation that IPv4 addresses are depleting. IPv6 protocol is proposed for the problem that IPv4 protocol is facing now. Compared with IPv4 protocol. IPv6 protocol has improved significantly in the address capacity, security, network management, mobility and quality of service, meanwhile, mobile communications and the rapid development of wireless technology make people propose new requirement that network protocol has enough support for mobile network. In the Internet, a wealth of information resources and services in use are mostly paid, this problem is not related to the scope of mobile IPv6 protocol, but resolved by the AAA protocol. AAA protocol achieve authentication, authorization and accounting functions for network service, but most of the traditional AAA program managements are for wired network users and can not serve for wireless network users. For these reasons, authentication, authorization and accounting for users that use the mobile network in the course of the complicated business and personal resources has become a hot issue need to be solved. which requires the mobile IPv6 protocol and AAA protocol combined to form new generation of AAA protocol that is called Diameter protocol.In the cross-authentication and authorization processing scheme of traditional Diameter protocol. the network vertical handoff process often has serious delay problem because of the certification process. This problem not only affects the system's switching performance and service quality, but also affects directly the pursuit of seamless wireless switching. More seriously, the problem led to this protocol can not meet the user requirements of mobile communication service continuity. To solve the above problems, based on the research of general switch process of traditional Diameter protocol, to make up for its shortcomings. I made improvements in the following three areas:(1) Alternate authentication with certification process and use session_ID as the credence of mobile node for the authentication. Because of its unique characteristics and randomness. session_ID is fit to be the credence for authenticating users. In this way. the authentication process is simplified.(2) Set cache area in the external domain AAA server, saving the simplifies the authentication and authorization information-PA of mobile node, used to fast authenticate the mobile node which enter the area again; it eliminates authentication requests need to be forwarded to the AAAH of home domain to processing in the traditional cross-domain authentication, saves the time of the process and improves the speed which response to the access request from mobile user.(3) Make the authentication, authorization process of AAA and the binding update process of mobile switching in parallel, breaking the order of dependence in the traditional authentication and authorization process in order to obtain a faster switching speed.Finally, combine the three improve method to form the final improved model, gives a detailed description of the improved authentication, authorization process; and gives the concrete realization of the improved model and experimental results which show that the improved model reduced the switching time.Today. Internet mobile users has become a huge consumer groups, facing this user base which moving all the time, how to provide better service to them and how to conduct a more comprehensive mobile service management is a problem which worth to in-depth study; this improvement program has a good effect in the situation of users frequently switch between various regions, although the simplification of certification maybe cause security problems, but the program in terms of improving the switching speed of the Diameter network and reduce Internet traffic load still be effective.