###
DOI:
计算机系统应用英文版:2015,24(2):146-150
本文二维码信息
码上扫一扫!
基于TR069协议的CPE安全认证机制
(1.东华大学 计算机科学与技术学院, 上海 201620;2.上海剑桥科技股份有限公司, 上海 201620)
CPE Security Authentication Mechanism Based on TR069 Protocol
(1.School of Computer Science and Technology, Donghua University, Shanghai 201620, China;2.Cambridge Industries Group, Shanghai 201620, China)
摘要
图/表
参考文献
相似文献
本文已被:浏览 1722次   下载 4337
Received:May 08, 2014    Revised:June 20, 2014
中文摘要: TR069(CPE广域网管理协议)提供了对下一代网络中的家庭网络设备进行管理配置的通用框架和协议, 其协议栈中包括SOAP, HTTP, SSL/TLS, TCP/IP 等标准协议. 当自动配置服务器(ACS)和网络终端设备(CPE)建立连接时, 可以选择使用SSL/TLS层增强通信的安全性. 本文设计并实现了使用OpenSSL开发包对ACS与CPE的相互认证过程进行加密, 包括生成自签证认证证书的方法, 以及证书验证过程. 最后, 通过实验验证了其有效性, 并抓包分析了关键帧.
中文关键词: TR069  OpenSSL  认证
Abstract:TR069 protocol is called the "CPE WAN Management Protocol". It provides a common framework and protocol which manage and configure for next-generation home network devices. Its protocol stack include some standard protocols, such as SOAP, HTTP, SSL/TLS, TCP/IP and so on. When Auto-Configuration Server(ACS) starts to establish connection with the Customer Premises Equipment (CPE), it may choose the layer of SSL/TLS to increase security. In this paper, the process of mutual authentication between CPE and ACS is encrypted, which is designed and implemented using OpenSSL development package, include the method of generate a self-signed certificate, and the process of certificate is verified. Finally, this paper verified its validity by experiment, and analyzes the key frame by capture package.
keywords: TR069  OpenSSL  authentication
文章编号:     中图分类号:    文献标志码:
基金项目:
引用文本:
张红,赵云,陶然,赵伟真.基于TR069协议的CPE安全认证机制.计算机系统应用,2015,24(2):146-150
ZHANG Hong,ZHAO Yun,TAO Ran,ZHAO Wei-Zhen.CPE Security Authentication Mechanism Based on TR069 Protocol.COMPUTER SYSTEMS APPLICATIONS,2015,24(2):146-150