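| Graduate student: | 王筱婷 Shiau-Ting Wang |
|---|---|
| Thesis title: | SIP-Based Mobile VPN over Network Mobility (NEMO) |
| Advisor: | 陳志成 Jyh-Cheng Chen |
| Committee members: | |
| Degree: | Master |
| Department: | College of Electrical Engineering and Computer Science - Department of Computer Science |
| Year of publication: | 2007 |
| Academic year of graduation: | 95 |
| Language: | English |
| Number of pages: | 68 |
| Keywords (Chinese): | Network Mobility, Virtual Private Network, Session Initiation Protocol |
| Keywords (English): | Network Mobility, Virtual Private Network, SIP |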
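As the demand for mobility grows, integrating wireless communication technologies is becoming increasingly important, and Network Mobility (NEMO) provides this capability. NEMO extends the mobility functions of the existing Mobile IP and can move an entire network. Users inside a mobile network are unaware of the changes that occur as the network moves. In addition, security has become an important issue for today's networks. A Virtual Private Network (VPN) uses a public network to build a secure communication network, so that users outside can still use internal resources. To provide both mobility and security, we propose a SIP-based mobile VPN built over NEMO. This thesis combines SIP, SRTP, cRTP, MIKEY, and a Diameter Server to give real-time communication services security protection and mobility support. Because SIP exchanges many messages during signaling, bandwidth is wasted. We propose a method called "USERLIST" to reduce SIP messages. Our method is implemented on the MIDCOM architecture. The SIP Proxy handles the message exchange, while the Application Level Gateway (ALG) serves not only as a firewall but also as a middle-box. With these two mechanisms, we can prevent external users from being eavesdropped on or having their data stolen while they use data in the internal domain. Finally, we implemented a testbed to test the proposed method. We measured both the end-to-end delay and the handoff delay. To show that the proposed architecture performs well with multiple users, we also provide a comparison of data for different numbers of users within one mobile network.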
With the demand for mobility support, incorporating wireless communication technologies has become increasingly important for entire networks. Network Mobility (NEMO), which aims to extend the existing Mobile IP, enables the movement of whole networks. Users in a mobile network are unaware of their network's mobility. In addition, security has become a critical issue for today's Internet. The Virtual Private Network (VPN) was developed to secure users' communication between untrusted external networks and the protected private internal network. To combine mobility with security, we present an architecture for VPN over NEMO that is based on the Session Initiation Protocol (SIP). This thesis presents a SIP-based VPN over NEMO that comprises SIP, SRTP, cRTP, MIKEY, and a Diameter Server to provide secure real-time services with mobility. We also propose an approach named "USERLIST" to reduce SIP signaling messages. The proposed architecture is implemented on the MIDCOM architecture. We use a SIP Proxy to process the signaling exchanges. We also use an Application Level Gateway (ALG) that functions as a firewall and acts as a middle-box, protecting every legitimate mobile node outside the private network from eavesdropping. Finally, a testbed for the proposed solution has been implemented, and experiments on end-to-end delay and handoff delay have been carried out. We also present a comparison of handoff delay for different numbers of users in a mobile network.