J4

• 论文 •    

IPSec技术在MPLS VPN安全保障中的应用

范亚芹, 张丽翠,马 强
   

  1. 吉林大学 通信工程学院,长春 130012
  • 收稿日期:2007-03-20 修回日期:1900-01-01 出版日期:2008-11-20 发布日期:2008-11-20
  • 通讯作者: 范亚芹

Application of IPSec Technology for MPLS VPN Security Solution

FAN Ya-qin,ZHANG Li-cui, MA Qiang   

  1. College of Communication Engineering, Jilin University, Changchun 130012, China
  • Received:2007-03-20 Revised:1900-01-01 Online:2008-11-20 Published:2008-11-20
  • Contact: FAN Ya-qin

摘要: 针对MPLS VPN(Multi-Protocol Label Switching Virtual Private Network)在保密性要求较高场合存在安全隐患的问题,提出一种可保障其安全性的设计方案。该方案通过利用IPSec(IP Security)协议在客户路由器端对IP 数据包进行加密,在MPLS(Multi-Protocol Label Switching) 边缘路由器端对数据进行封装,从而解决了VPN(Virtual Private Network)采用单一MPLS,在公用骨干网进行第2层传输存在的信息不能自动加密,容易出现因误发或连接中断造成信息泄露等问题。实验结果表明,该方案在不增大网络成本的前提下,保证了数据在传输过程的私有性、完整性和真实性,从而大大提高了网络安全系数。

关键词: 多协议标记交换, 虚拟专用网, IPSec技术

Abstract: MPLS VPN(Multi-Protocol Label Switching Virtual Private Network) is facing a big obstacle that some High-end users worry about their security when using MPLS VPN. A designation idea that can guarantee the safety of MPLS VPN used in some higher presence occasions with some potential safety problems is introduced. IPsec agreement is used to encrypt IP packet in the customer route and encapsulate the data in the MPLS edge router.This method can solve some problems when the information is transmitted in the second layer of the public backbone network with single MPLS VPN such as the information can not be automatically cncrypted,some mistakes appear in the

transmission,the leaking of information caused by continuous

interruptions.Experimental results show that this method improved the network security coefficient under the premise of no increase in the cost of the network.


Key words: virtual private network(VPN), IPSec technology, multi-protocol label switching(MPLS)

中图分类号: 

  • TN915
版权所有 © 《吉林大学学报(信息科学版)》编辑部
地址:长春市东南湖大路5372号(130012) 电话:+86-431-5152552 E-mail: nhxb@jlu.edu.cn
本系统由北京玛格泰克科技发展有限公司设计开发