| 基于可信计算技术的OSPF路由协议研究 |
| |
| 引用本文: | 李兆斌,韩挺,池亚平,方勇.基于可信计算技术的OSPF路由协议研究[J].计算机工程与设计,2011,32(9):2946-2949. |
| |
| 作者姓名: | 李兆斌 韩挺 池亚平 方勇 |
| |
| 作者单位: | 1. 北京电子科技学院通信工程系,北京,100070
2. 西安电子科技大学计算机学院,陕西西安,710071 |
| |
| 基金项目: | 国家自然科学基金项目(60951001); 国家科技支撑重点基金项目(2009BAH52B06); 北京市自然科学基金项目(4102057) |
| |
| 摘 要: | 为了解决目前路由安全方案中只对路由器身份进行认证,而未对路由器平台的完整性进行验证的问题,在基于LSU数字签名的OSPF协议基础上,借鉴可信计算的完整性度量思想,提出了一种新的可信路由协议TC-OSPF(OSPF based on tru-sted computing)。分析了LSU数字签名过程,指出了在LSU签名过程中加入路由平台完整性度量的可行性,在此基础上设计了具有完整性度量功能的LSU报文结构。安全性分析表明,TC-OSPF协议不仅可以对路由器身份进行认证,同时也能对路由平台的完整性进行验证。仿真实验结果表明,TC-OSPF在保证了OSPF协议安全性的同时也兼顾了路由性能。
|
| 关 键 词: | 安全路由 开放式最短路径优先协议 链路状态更新数据包 可信计算 完整性 |
Study of OSPF based on trusted computing |
| |
| LI Zhao-bin,HAN Ting,CHI Ya-ping,FANG Yong.Study of OSPF based on trusted computing[J].Computer Engineering and Design,2011,32(9):2946-2949. |
| |
| Authors: | LI Zhao-bin HAN Ting CHI Ya-ping FANG Yong |
| |
| Affiliation: | LI Zhao-bin1,HAN Ting2,CHI Ya-ping1,FANG Yong1(1.Department of Communication,Beijing Electronic Science and Technology Institute,Beijing 100070,China,2.School of Computer Science and Technology,Xidian University,Xi'an 710071,China) |
| |
| Abstract: | In order to slove the problems on presented routing secure solutions only to resolve the identity authentication,but no resolve the integrity verification.In order to conquer limitations above-mentioned,a new trusted routing protocol is proposed that is based on trusted computing and the digital signature OSPF using LSU.The new protocol can be called TC-OSPF(OSPF based on trusted computing).Firstly,the LSU digital signature process is analysed and the feasibility can be given for adding the router platform ... |
| |
| Keywords: | secure routing OSPF LSU packet trusted computing integrity |
| 本文献已被 CNKI 万方数据 等数据库收录! |
|
