دانلود ترجمه مقاله کلیاتی در رابطه با امنیت Ipv6 موبایل – مجله IEEE

فهرست مطالب:

 چکیده
۱ مقدمه
۲ پیشینه
۳ روش کارکردIPSec
A مجمع های امنیتی
B SA و مدیریت کلید
C الگوریتم ها و روشها
۴ تجزیه و تحلیل امنیت
۵ راه حل امنیتی پیشنهادی
۶ نتیجه گیری

بخشی از ترجمه:

۶٫ نتیجه گیری
نیاز IPv6 موبایل با برخی مسائل عملی ضروری ، هنوز ناقص می باشد. مهمترین نگرانی امنیت پروتکل می باشد، زیرا بدون راه حل امنیتی مناسب، پروتکل فرصتی برای پذیرفته شدن نداشته و به هیچ وجه کار نمی کند. در حال حاضر، در مد انتقال، بسته بندی امن داده ها (ESP) روش استاندارد برای حفاظت از BU و همچنین ساخت اتصال امن برای کنترل پیام های ارسال شده در روش ثبت خانگی می باشد. برخی از مزایای IPSec نسبت به SSL/TLS عبارتنداز: او می تواند مستقل از آدرس IP عمل کند، می تواند هر پروتکلی را رمزگذاری کند و می تواند بسته های متشکل از هدر IP را نیز رمزگذاری کند. اما IPSec بسیار پیچیده بوده و راههای مختلفی برای پیکره بندی آن وجود دارد.
مدیریت کلید پویا ، الگوریتم های احراز هویت متقابل و مذاکره رمزنگاری را می توان با استفاده از پروتکل IKE کنترل نمود. به علاوه، روش احراز هویت که یکی از راههای اصلی ایجاد ارتباط امن بین همتایان است، می تواند براساس رمز مشترک، پروتکل احرازهویت توسعه پذیر (EAP) یا گواهی های X.509 عمل کند.

بخشی از مقاله انگلیسی:

I. INTRODUCTION There are various implementations presented for Mobile IPv6. Some have been successful, while other concepts such as security bandwidth consumption and seamless handover are still concerns that researchers are trying to improve [1]. Communication privacy is a basic necessity of each user in public communication. A summary of necessary security issues includes how sender and receiver authenticate each other before creating any connection (addressing as trust), how communication between senders and receivers is protected against eavesdropping and tampering (addressing as confidentiality), and how authenticated users follow private communication (addressing as authorization). On the other hand, secure communication over the internet is essential for important applications such as banking, purchasing, making payments, virtual private network (VPN) and so on. Security includes peer authentication, and is encouraged by authorization to make use of resources, secret key and exchanges, and private communication using algorithms. Security can be provided either at the IP layer or transport layer. For example, Secure Socket Layer (SSL) is used to make a secure http which is visible as an https on a web page. The VPN applications for roaming users are based either on IP Security or SSL, which are both enough to provide the minimum security functions necessary. IP mobility is concerned with IP layer security so in this paper the focus is on preparing a summary of IP Security (IPsec). Authentication, integrity, confidentiality and access control can be achieved using IPsec in the network [2-5]. II. BACKGROUND Mobile IPv6 is a standard that offers a way for mobile nodes (MN) to preserve connectivity while they travel across different areas. All mobile nodes (MNs) have a home network with a permanent home IP address. In addition, each home network includes a home agent (HA) in charge of tracking MNs as they move in different networks. The time a MN leaves a home network and move to the neighbor network, obtaining a new IP address, is called a care-of address (CoA). The MN is required to register this address (CoA) with its HA through a binding update which defends its authenticity and integrity and is issued over an IPSec. Thus, even as the MN moves to a foreign network, a correspondent node (CN) can maintain communication with the MN using indirect routing made of packets being relayed by the HA. To decrease overhead at the border router, routing optimization is used. Routing optimization offers a way for the MN and CN to forward packets to each other directly without sending from the HA. If there is no security mechanism, the CN does not know which MN sent the BU. The BU is not actually secret but it needs to be sent from a legitimate MN. The integrity and authenticity of this binding update cannot be secured via IPSec as it cannot be assumed that a common public key survives between the two nodes. [6-8]. III. HOW IPSEC WORKS IPSec uses packet cryptography and filtering, with cryptography helping to achieve user data confidentiality, authentication and integrity. These are components which together with their interrelationships include the logical architecture of IPSec. In this section the fundamental components of IPSec architecture are briefly explained. IPSec architecture can be classified into three main areas: Security Associations (SA) SA and key management support Algorithms and methods A. Security Associations Security Associations are a number of keys that define the security services and an agreeable policy, and are used to defend communications between IPSec peers. Security Associations (SA) is a one-way connection that offers security 2012 Third International Conference on Intelligent Systems Modelling and Simulation 978-0-7695-4668-1/12 $26.00 © ۲۰۱۲ IEEE DOI 10.1109/ISMS.2012.9 582 584 services. For each IPSec session two SAs are needed; for instance, if Authentication Header (AH) and Encapsulating (ESP) are both used between two peers in IPSec, then four SAs are needed. Security Association database (SAD) and Security Policy database (SPD) are two databases used in SAs. The SAD is used to keep the information about each SA after SA is established; then the SPD stores the policy requisites or security necessities for each SA to be established. Fig.1 illustrates SA, SAD and SPD architecture [9].

دانلود رایگان مقاله انگلیسی

خرید ترجمه فارسی مقاله با فرمت ورد

خرید نسخه پاورپوینت این مقاله جهت ارائه