摘要
目前,电信运营商和服务提供商以RADIUS服务器进行集中认证计费应用的最为普及和广泛。然而,现行的RADIUS协议有许多的局限性。例如,仅仅局限于对用户信息进行验证、用户记帐等等功能。目前业界已经有很多RADIUS协议相关的扩展属性方面的研究,并且已经成为规范。但是,这些相关研究大部分都集中于RADIUS协议的安全性方面,而比较忽视对于电信这种服务类行业来说至关重要的一个方面:用户需求。针对这个问题提出了两种适用性极强的新RADIUS扩展属性:断开连接(Disconnect)属性和更改权限(Change-of-Authorization)属性。断开连接属性可以支持实时断开用户的网络连接。更改权限属性可以支持实时更改用户的会话特征(包括带宽、资费以及可以访问的网络资源等等)。主要对新扩展属性的具体配置、包的格式、类型进行了详细的阐述。
At present, telecom operators and service providers to RADIUS server authentication and accounting application to focus the most universal and extensive. However, the existing RADIUS protocol has many limitations. For example, only limited information to the user authentication, user accounts and so on. At present, the industry has a lot of agreements related to the expansion of RADIUS attribute research, and has become the norm. However, most of these studies have focused on the RADIUS protocol security, and relatively less importance to such services for the telecommunications industry is a crucial areas: customer needs. To address this question the applicability of the two very strong expansion of new RADIUS attributes: Disconnect (Disconnect) and change the permissions attributes (Change-of-Authorization) attributes. Disconnected from real-time properties can support the user's network connection disconnected. To change the permissions to change the attributes to support real-time characteristics of the user's session (including bandwidth charges, as well as be able to access network resources, etc.). The main attributes of the new expansion of the specific configuration, packet formats, packet types, such as described in detail.
出处
《电脑知识与技术》
2009年第8X期7041-7043,共3页
Computer Knowledge and Technology
关键词
远程验证
拨入用户服务
网络接入服务器
认证
断开连接
更改权限
报文
remote authentication
dial-in user service
network access server
certification
disconnected
change permissions
message
