节点文献
基于IPv6域名的自动注册认证系统的设计与实现
Design and Implementation of Automatic Registration Authentication System Based on IPv6 DNS
【作者】 王鲁华;
【导师】 马严;
【作者基本信息】 北京邮电大学 , 计算机应用技术, 2008, 硕士
【摘要】 IPv6作为下一代互联网的核心协议,有着广阔的应用前景。与IPv4相比,IPv6具有很多新特性:巨大的地址空间、即插即用、内在的安全机制等等。即插即用功能很方便的使得在没有任何人工干预的情况下,IPv6网络节点可以自动获取IP地址。当节点地址发生变化时,用户可以正常的使用网络。但IP地址长度的增加和动态的改变都使得用户直接使用IP地址通信更为复杂,而且也很难在具有动态IP地址的主机上架设服务器。如果能为每个网络节点分配一个授权的域名,注册认证成功后,节点的域名和动态的地址会被映射在DNS中,用户就能够使用便于记忆的固定的域名通信和享受合理的资源,并能方便的在地址动态改变的节点上架设服务器。本文在研究DNS动态更新和认证的基础上,提出了客户端/服务器并支持Web模式的解决方案——IPv6域名自动注册认证系统。即在IPv6网络的节点上安装自动注册认证服务器和Web服务器,用户可以安装客户端,也可以使用web.自动注册认证服务器根据认证的结果,决定向DNS服务器发送动态更新消息还是向NAS发访问控制信息。本文介绍了自动注册认证系统的设计与实现,并详细阐地址检测、记录轮询监视、访问控制等关键技术的实现细节。在对该系统做了功能性测试后,证明了本系统方案的可行性。
【Abstract】 IPv6 is the most important protocol of the next generation network and has the vast application prospect. Comparing with IPv4, IPv6 has many new characteristic: large IP address space, plug and play and internal security architecture, etc. Plug and play function is very convenient to enable IPv6 network nodes to obtain IP addresses automatically without any manual help. When a node address varies, Users can keep connection with the network without any influence.However, the long length and dynamic change of IP addresses make it very complicated for network nodes to communicate each other by IP addresses, and it is almost impossible to install servers on these kinds of nodes. If we can give every node an authorized domain name, after the success of authenitication, the domain name of nodes and dynamic address will be mapped to DNS server, users can communicate with each other by their fixed domain names, enjoy rational resource and be easy to install servers on the nodes whose IP addresses change dynamically.This thesis presents a method to solve this problem that is to develop an automatic registration authentication system that support web mode. Install registration authentication server on a node and web server on other. Users can register by client or web. The server will send dymatic update message to DNS or access control message to NAS according to authentication. This thesis introduces the design and implementation of the automatic registration authentication system and explains the key techniques such as address checking, validity polling, and access control particularly. The functional test proves the feasibility of this proposal.
【Key words】 IPv6; Dynamic update; Authorization; NAS; Automatic registration authentication; domain name; DNS;
- 【网络出版投稿人】 北京邮电大学 【网络出版年期】2008年 10期
- 【分类号】TP393.08
- 【下载频次】137