【编者按】:网学网毕业论文参考文献为您提供毕业论文三级目录及摘要和参考文献参考,解决您在毕业论文三级目录及摘要和参考文献学习中工作中的难题,参考学习。
摘 要
无线网络飞速发展,人们在充分享受各种无线接入网络便利的同时,各种安全问题也逐渐暴露出来。由于IPSec 能够提供较好的安全保护,能够有效解决上述问题,应用范围不断扩大。在传统的TCP协议中,假设丢包都是由网络拥塞造成的,这不适用于错误丢包比拥塞丢包更容易发生的无线链路。此时,启用拥塞控制机制,将导致TCP端到端的性能降低。而且现有的很多改进方案无法用于加密通信中,因为IPSec与TCP在无线网络中的改进方案之间存在冲突。在无线通信网络中,要保证通信的安全性和TCP协议的性能,就必须解决他们之间的冲突。而在在VPN系统的大规模应用中,由于其部署环境复杂,也面临不同软件在NDIS内核框架中的冲突和内核模块开发,移植,维护困难等问题。
在对目前流行的基于Windows平台的VPN系统体系结构及其实现技术进行深入分析的基础上,针对嵌入式终端的特点,提出了一种新的基于虚拟网卡的技术,详细阐述了其原理和优点。然后给出了在WinCE VPN系统中实现该技术的体系结构,能够从根本上解决上述问题。
根据应用存在的性能问题,对现有的各种无线网络下TCP性能改进机制与IPSec VPN的兼容性进行了详细的分析,比较各种可能方案之间的优点与缺点。在分析现有改进算法的基础上,提出了一种适用于有线/无线混合网络IPSec兼容的端到端的优化机制。通过接收端数据包到达时间间隔的变化累积来判断无线链路的状况,用ACK标记ELN通知发送端,避免不必要的拥塞控制而导致性能下降。通过NS2仿真实验, 并与TCP Reno进行了性能对比。结果表明,该机制能有效提高TCP在无线移动场景下的网络传输性能,同时和现有的安全机制也相兼容。关键词:TCP ;VPN体系结构;虚拟网卡;有线无线混合网络;性能评价;拥塞控制;端到端
Abstract
While wireless access technology has experienced a rapid growth in recently years.The people while fully are enjoying each kind wireless, a number of security concerns have been raised for wireless networks in general. TCP is originally designed only for wired network and assumes that any loss is due to congestion. However, it is different in wireless situation in that wireless errors are more likely to occur than congestion. Such non-congestion packet loss, when dealt with invoking a congestion control algorithm, resulting in degrade end-to-end performance. At the same time, many exist approach can not work when the encryption is used in the communication. So the security mechanism and TCP improving mechanism compatibility also is taken into considering of our works. But in the large-scale application of VPN system, because the deployment environment is complex, frequently can face the different software in NDIS kernel frame conflict, simultaneously the kernel module development, the transplant, maintains question and so on difficulty.
This paper deeply analyses the popular architecture and implement technology based on Windows VPN system structure, simultaneously aims at embed terminal characteristic, proposed one kind new based on virtual Network card technology, in detail elaborated its principle and the merit. The produced system has realized this technical system structure in WinCE VPN, could fundamentally solve the above problem.
Aiming at the performance problem of VPN apply ,