Open Access  Subscription Access

傳統無線標準第三代合作夥伴計畫(3rd Generation Partner Project, 3GPP)、無線區域網路(Wireless Local-Area Network, WLAN)、全球微波互聯接入(Worldwide Interoperability for Microwave Access, WiMAX)中的安全機制對用戶接入認證、業務傳輸安全提供了保障，但由於應用服務提供者和IP網路本身的開放性和安全漏洞，導致來自應用層面的安全威脅無法應對。本文提出一種移動網路可信接入認證模型，通過對移動台的安全狀態進行評估，來指導網路側網元設備對移動台實施動態的網路訪問控制和應用服務限制，並根據安全狀態評估結果輔助移動台及時進行自身安全相關的更新、升級，從而給移動網路和移動台都提供了增強安全的手段，並提供了一種防止病毒或者蠕蟲在網路中快速蔓延的方法。The security mechanism of traditional wireless standard, such as 3GPP (3rd Generation Partner Project), WLAN (Wireless Local-Area Network), WiMAX (Worldwide Interoperability for Microwave Access), provides the ensure of user access authentication, service transmission security, but due to the openness and secure weakness of the application service provider and IP network, it leads to the secure threat from the application layer can not be solved. This paper presents a trust access authentication model in mobile networks, through the evaluation of mobile station's secure status, the network side equipments limit the mobile station to act dynamic network control and application service, and they also help mobile station update itself according to the secure evaluation results. Therefore, it provides the mobile network and mobile station secure-enhance means, and also provides the way to prevent the virus and the worm from spreading rapidly in the network.

可信網路; 接入認證; 移動; Trust Network; Access Authentication; Mobile