基于SSH的服务调解系统安全通道的设计及实现

发布时间：2018-03-24 15:33

本文选题：调解系统　切入点：SSH　出处：《华东理工大学》2014年硕士论文

【摘要】：在电信业务运营支撑系统领域内,服务调解系统主要负责设备的接入及系统间业务的适配,如业务的服务开通及计费话单的处理等。不同系统所承载的业务并不相同,服务的调解主要依据具体的业务需求加以定制,因此如何为调解系统提供安全且可复用的设备接入接口成为至关重要的课题。在菲律宾Globe Mediation项目的驱动下,本论文对需求展开了业务分析和流程梳理,提出了一个基于HP Service Usage调解平台的子系统架构,详细设计并实现了基于SSH相关协议的安全通道组件以及基于AES算法的加密器,为服务的调解提供了安全可靠且可复用的通信通道。本论文的研究内容主要包括了如下几个方面： 1、设计了基于SSH的安全会话管理,解决了如何同时支持SSH、 Telnet、 TCP等多种会话类型的安全连接问题。 2、为自动化管理SSH隧道,设计并实现了SSH隧道管理组件,解决了隧道创建的自动认证及服务切换时隧道的有效连接的保持的难题。 3、设计了基于SFTP的文件服务管理组件,为系统的文件服务调解提供了安全可靠的传输方式。 4、选择AES算法加以实现,保护了在安全通道中传输的敏感数据。
[Abstract]:In the field of telecommunication business operation support system, service mediation system is mainly responsible for equipment access and inter-system service adaptation, such as service opening and billing bill processing. Service mediation is mainly customized according to specific business requirements, so how to provide a secure and reusable device access interface for mediation system has become a crucial issue. Driven by the Globe Mediation project in the Philippines, this paper presents a subsystem architecture based on HP Service Usage mediation platform. The security channel component based on SSH protocol and the encryptor based on AES algorithm are designed and implemented in detail, which provides a safe and reliable and reusable communication channel for service mediation. The research content of this thesis mainly includes the following aspects:. 1. The secure session management based on SSH is designed to solve the problem of how to support the secure connection of many kinds of session types, such as SSH, Telnet, TCP and so on. 2. In order to manage the SSH tunnel automatically, the SSH tunnel management component is designed and implemented, which solves the problem of how to maintain the effective connection of the tunnel when the tunnel is automatically authenticated and the service is switched. 3. A file service management component based on SFTP is designed, which provides a safe and reliable transmission mode for file service mediation. 4. The AES algorithm is chosen to implement, which protects the sensitive data transmitted in the secure channel.
【学位授予单位】：华东理工大学
【学位级别】：硕士
【学位授予年份】：2014
【分类号】：TP393.09

【参考文献】