摘要
针对移动通信网中用户分组数据在x GSN设备中的安全传输和隐私保护问题,提出一种基于GTP协议的"动态隧道"防御方法,构建拟态网关,让SGSN和GGSN之间用于传输用户分组数据的隧道标志(TEID)动态变化,打破TEID与用户身份标志的静态对应关系,从而保护用户分组数据。理论分析和仿真结果表明,"动态隧道"方法能提高系统安全性,有效保护用户隐私信息,而且通信开销和延时较低。
For the user packet data transmission security and privacy issues in xGSN of mobile communication network, this paper proposed a "dynamic tunnel" defense mechanism based on GTP protocol. The method dynamically changes the tunnel endpoint identifier (TEID) used for the transmission of user packets between SGSN and GGSN by building a mimicry gateway, which broke the static correspondence between TEID and user identification, thus achieving the purpose of protecting user packet data. Theoretical analysis and simulation results indicate that the "dynamic tunnel" method can improve system securi- ty and effectively protect user privacy information with low communication overhead and latency.
出处
《计算机应用研究》
CSCD
北大核心
2016年第11期3442-3445,共4页
Application Research of Computers
基金
国家科技重大专项基金资助项目(2013ZX03006002)
国家自然科学基金资助项目(61521003)
关键词
移动通信网
移动目标防御
拟态安全防御
动态隧道
隧道标志符
mobile communication network
moving target defense
mimic security defense
dynamic tunnel
tunnel end- point identifier