{"title":"基于策略的网络漫游基础设施安全访问控制机制","authors":"Tetsuo Imai, Hideaki Goto, H. Sone","doi":"10.1109/SAINT-W.2007.12","DOIUrl":null,"url":null,"abstract":"In the Internet society, IP address is treated as information of organization. This is a problem that visitor uses IP address of visited organization because IP address user of visited organization is treated as a member of the organization. For that, the user's access to home resources may be blocked by firewalls because the user's IP address is not home's one. Therefore an application of authentication and access control is needed. The requirements for authentication and access control method are summarized to six items; (1) getting accessibility to the Internet by using a user credential of the home. (2) Keeping accessibility to home resources. (3) Keeping a local accessibility to visited resources for the visitor. (4) Getting enough security along the wireless/wired channel. (5) Authenticating a user, and trusting by the result, and assigning an IP address of visited organization. (6) By the authentication information, keeping accessibility to the Internet by using a home IP address. The authors investigate the existing methods and point out the merit and demerit for these requirements. Finally, the authors propose a method named 'campus ubiquitous network' that fulfill these all requirements","PeriodicalId":254195,"journal":{"name":"2007 International Symposium on Applications and the Internet Workshops","volume":"19 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2007-01-15","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"3","resultStr":"{\"title\":\"A Policy-Based, Secure Access Control Mechanism for Network Roaming Infrastructures\",\"authors\":\"Tetsuo Imai, Hideaki Goto, H. Sone\",\"doi\":\"10.1109/SAINT-W.2007.12\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"In the Internet society, IP address is treated as information of organization. This is a problem that visitor uses IP address of visited organization because IP address user of visited organization is treated as a member of the organization. For that, the user's access to home resources may be blocked by firewalls because the user's IP address is not home's one. Therefore an application of authentication and access control is needed. The requirements for authentication and access control method are summarized to six items; (1) getting accessibility to the Internet by using a user credential of the home. (2) Keeping accessibility to home resources. (3) Keeping a local accessibility to visited resources for the visitor. (4) Getting enough security along the wireless/wired channel. (5) Authenticating a user, and trusting by the result, and assigning an IP address of visited organization. (6) By the authentication information, keeping accessibility to the Internet by using a home IP address. The authors investigate the existing methods and point out the merit and demerit for these requirements. Finally, the authors propose a method named 'campus ubiquitous network' that fulfill these all requirements\",\"PeriodicalId\":254195,\"journal\":{\"name\":\"2007 International Symposium on Applications and the Internet Workshops\",\"volume\":\"19 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2007-01-15\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"3\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2007 International Symposium on Applications and the Internet Workshops\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/SAINT-W.2007.12\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2007 International Symposium on Applications and the Internet Workshops","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/SAINT-W.2007.12","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
A Policy-Based, Secure Access Control Mechanism for Network Roaming Infrastructures
In the Internet society, IP address is treated as information of organization. This is a problem that visitor uses IP address of visited organization because IP address user of visited organization is treated as a member of the organization. For that, the user's access to home resources may be blocked by firewalls because the user's IP address is not home's one. Therefore an application of authentication and access control is needed. The requirements for authentication and access control method are summarized to six items; (1) getting accessibility to the Internet by using a user credential of the home. (2) Keeping accessibility to home resources. (3) Keeping a local accessibility to visited resources for the visitor. (4) Getting enough security along the wireless/wired channel. (5) Authenticating a user, and trusting by the result, and assigning an IP address of visited organization. (6) By the authentication information, keeping accessibility to the Internet by using a home IP address. The authors investigate the existing methods and point out the merit and demerit for these requirements. Finally, the authors propose a method named 'campus ubiquitous network' that fulfill these all requirements
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
