信息网络安全 ›› 2015, Vol. 15 ›› Issue (6): 61-66.doi: 10.3969/j.issn.1671-1122.2015.06.010

• 技术研究 • 上一篇    下一篇

无线Mesh网络安全体系研究与设计

罗旬(), 严承华   

  1. 海军工程大学信息安全系,湖北武汉430033
  • 收稿日期:2015-05-08 出版日期:2015-06-20 发布日期:2018-07-16
  • 作者简介:

    作者简介: 罗旬(1986-),男,陕西,硕士研究生,主要研究方向:网络安全;严承华(1967-),男,湖北,副教授,博士,主要研究方向:网络安全、数字图像水印等。

  • 基金资助:
    湖北省自然科学基金[ZRZ2015000304]

Research and Design on Security System of Wireless Mesh Network

LUO Xun(), YAN Cheng-hua   

  1. Department of Information Security, Naval University of Engineering, Wuhan Hubei 430033, China
  • Received:2015-05-08 Online:2015-06-20 Published:2018-07-16

摘要:

针对无线Mesh网络的开放性和多跳通信易遭受外部和内部攻击以及网络集中管理困难等安全问题,文章在分析Mesh网络特点、体系结构以及Mesh网络安全威胁产生的环节的基础上,设计了具有集中访问控制、统一管理、规避网络冲突和隔离网络故障功能的无线Mesh网络安全体系。该体系运用防火墙、身份认证、加密和入侵检测等网络安全防护技术保证网络安全运行,通过在Mesh骨干节点引入访问控制器对要加入网络的节点进行安全认证并对网络的运行状况进行实时监测。用户入网前必须进行认证,使用户和管理者在一个安全的无线链路中传输数据,在Mesh网关节点布置中心控制器集中对要访问网络的用户/组进行鉴权、定义访问策略、实施安全级别管理,对网络进行中心化安全配置和管理,实现Mesh终端安全接入。同时通过访问控制器收集网络故障情况,及时向全网广播,避免网络拥堵,提高了网络的可用性。安全分析结果表明,该体系增强了无线Mesh网络的安全性,对无线Mesh网络的实际应用具有一定的参考价值。

关键词: 无线Mesh网络, 安全威胁, 访问控制, 节点, 认证

Abstract:

Focused on the vulnerability to attack from external and internal nodes and hard management due to openness and jump more communication in wireless mesh network, a security network system has been brought forward based on research of the characteristic, the architecture and potential safety of mesh network, which contain four functions: access control, centralized management, avoid conflict and isolation fault. The system can ensure the safety of network by using some technologies such as firewall, identity authentication, cryptogram and intrusion detection. Which can authenticate the power of users and monitor the running status of mesh network by introduced the access controller in mesh backbone nodes. Also can identify the permissions of users, define access strategy and the level of security management by introduced the center manager in mesh gateway nodes. Analysis shows that the system enhances and improves the security of wireless mesh network, and has certain reference value for mesh network to practical application.

Key words: WMN, potential safety, access control, node, certification

中图分类号: