

Research on the Roaming Authentication Protocol of the Mobile Network in the Formalization Way

【Author】 Weng Yanqin (翁艳琴)

【Advisor】 Shi Shudong (石曙东)

【Author information】 Hubei Normal University (湖北师范学院), Applied Mathematics, 2012, Master's degree

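【Abstract (translated from the Chinese)】 Roaming in mobile network environments offers considerable convenience to users who move between regions for work or daily life, and brings good returns to service providers. For users to enjoy network services anytime and anywhere while keeping their personal information secure, a secure roaming protocol is needed as technical support. Through the joint efforts of many researchers, a number of roaming schemes have been proposed, but all of them have some shortcomings in terms of security. Starting from the background of authentication protocol research, the thesis summarizes the problems of traditional authentication protocols, such as the inability to provide anonymity and poor flexibility; argues, on the basis of practical needs, for the significance of mobile network roaming; and, by analyzing and summarizing previous results, compares the advantages and disadvantages of certificate-based and identity-based authentication. After analyzing several commonly used roaming authentication protocols, namely the Mobile IP protocol, the IEEE 802.11 protocol, the IAPP protocol, and the anonymous roaming wireless authentication protocol based on identity-based encryption, it proposes a new mobile network roaming authentication protocol, SRAK, which combines the features of certificate-based and identity-based authentication. The thesis studies formal methods for the analysis and design of security protocols, focusing on BAN logic among the symbolic-theory methods; BAN logic is applied to identify deficiencies in the Aziz-Diffie protocol, and improvements are proposed. Kailar logic and SVO logic are extended and applied. In combination with authentication test theory and relevance theory, the strand space method of formal analysis is also studied and applied to the analysis of the OR protocol; vulnerabilities are found in it and targeted improvements are made. The Kailar logic analysis method is used to analyze and verify the new protocol SRAK, proving that the protocol is secure and reliable.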

【Abstract】 Implementing roaming in mobile network environments not only brings considerable convenience to users who need to move between different areas for work or daily life, but also provides good benefits for service providers. To allow users to enjoy network services anytime and anywhere, and to ensure the security of their personal information, secure roaming protocols are needed as technical support. Through their joint efforts, a large number of researchers have proposed roaming schemes, but these have more or less some shortcomings in terms of security. This thesis begins with the background to the study of authentication protocols and summarizes the problems of traditional authentication protocols, such as the lack of anonymity and flexibility. Based on actual demand, it argues for the significance of mobile network roaming and, by analyzing and generalizing the results of previous studies, compares the advantages and disadvantages of certificate-based and identity-based authentication. After analyzing several commonly used protocols, namely the Mobile IP protocol, IEEE 802.11, IAPP, and the identity-based anonymous roaming wireless authentication protocol, the thesis synthesizes their advantages and disadvantages and proposes a new mobile network roaming authentication protocol, SRAK, which combines the features of certificate-based and identity-based authentication. In addition, the thesis studies formal methods for security protocol analysis and design, focusing on BAN logic among the symbolic-theory methods, which is used to improve the Aziz-Diffie protocol. It extends Kailar logic and applies SVO logic and, in combination with authentication test theory and relevance theory, also studies the strand space method of formal analysis, which is applied to the analysis of the OR protocol; a vulnerability is found and the protocol is improved. The thesis analyzes the new protocol SRAK by means of Kailar logic and proves that the protocol is secure and reliable.


