本文已被:浏览 1722次 下载 4337次
Received:May 08, 2014 Revised:June 20, 2014
Received:May 08, 2014 Revised:June 20, 2014
中文摘要: TR069(CPE广域网管理协议)提供了对下一代网络中的家庭网络设备进行管理配置的通用框架和协议, 其协议栈中包括SOAP, HTTP, SSL/TLS, TCP/IP 等标准协议. 当自动配置服务器(ACS)和网络终端设备(CPE)建立连接时, 可以选择使用SSL/TLS层增强通信的安全性. 本文设计并实现了使用OpenSSL开发包对ACS与CPE的相互认证过程进行加密, 包括生成自签证认证证书的方法, 以及证书验证过程. 最后, 通过实验验证了其有效性, 并抓包分析了关键帧.
Abstract:TR069 protocol is called the "CPE WAN Management Protocol". It provides a common framework and protocol which manage and configure for next-generation home network devices. Its protocol stack include some standard protocols, such as SOAP, HTTP, SSL/TLS, TCP/IP and so on. When Auto-Configuration Server(ACS) starts to establish connection with the Customer Premises Equipment (CPE), it may choose the layer of SSL/TLS to increase security. In this paper, the process of mutual authentication between CPE and ACS is encrypted, which is designed and implemented using OpenSSL development package, include the method of generate a self-signed certificate, and the process of certificate is verified. Finally, this paper verified its validity by experiment, and analyzes the key frame by capture package.
keywords: TR069 OpenSSL authentication
文章编号: 中图分类号: 文献标志码:
基金项目:
引用文本:
张红,赵云,陶然,赵伟真.基于TR069协议的CPE安全认证机制.计算机系统应用,2015,24(2):146-150
ZHANG Hong,ZHAO Yun,TAO Ran,ZHAO Wei-Zhen.CPE Security Authentication Mechanism Based on TR069 Protocol.COMPUTER SYSTEMS APPLICATIONS,2015,24(2):146-150
张红,赵云,陶然,赵伟真.基于TR069协议的CPE安全认证机制.计算机系统应用,2015,24(2):146-150
ZHANG Hong,ZHAO Yun,TAO Ran,ZHAO Wei-Zhen.CPE Security Authentication Mechanism Based on TR069 Protocol.COMPUTER SYSTEMS APPLICATIONS,2015,24(2):146-150