Research and Design of Dynamic Migration Access Control Technology Based on Heterogeneous Network

With the continuous development of wireless networks, the amount of privacy services in heterogeneous mobile networks is increasing, such as information storage, user access, and so on. Access control security issues for heterogeneous mobile radio network, this paper proposes a dynamic migration access control technology based on heterogeneous network. Through the system architecture of the mutual trust system, we can understand the real-time mobile node failure or abnormal state. To make the service can be terminated for the node. And adopt the 802.1X authentication way to improve the security of the system. Finally, it by combining the actual running test data, the trust update algorithm of the system is optimized to reduce the actual security threats in the environment. Experiments show that the system’s anti-attack, the success rate of access, bit error rate is in line with the expected results. This system can effectively reduce the system authentication information is illegally obtained after the network security protection mechanism failure and reduce the risk of user data leakage.


Introduction
The diversification of Internet services and the spread of communication technology services have led to the rapid development of mobile devices. This makes wireless network service demand more than ever before. Heterogeneous mobile wireless network access and network type are showing diversity. Different network implementation technology, transmission mechanism, organization, control mechanism there is a huge difference. Access Control Technology for Heterogeneous Mobile Wireless Networks, which need to request the user's network status based on the current visit.
According to the user's location and business in a different way to smooth between the accesses that can to provide reliable access to support services.
Through different access network landing personal account information to access the service system on the mobile device, compared to a single access network to authenticate the way more convenient. As a result, more authentication processes are done on heterogeneous mobile wireless networks [1][2]. Heterogeneous mobile networks involved in the security-critical business, which the need for strong security access control technology as a support. To ensure that the only legitimate user account and other information will not be illegal access. Today's heterogeneous mobile wireless networks offer a variety of security services. On this basis, the relevant security strategies are: encryption, authentication, access control, key management, certificate management, etc. [3][4]. Among them, the most widely used authentication mechanism for network security-sensitive services is authentication methods based on personal information such as ID / password and digital certificates. Personal information will be due to the user's own negligence, but also by other illegal means of invasion of technology, such as the loss or theft of smart cards, access to information is illegal tracking and collection. Even if the application layer and network layer at the same time the implementation of security certification, but due to the dependence between the network layer and the application layer. The application layer's security risks still exist [5].
Because heterogeneous network services are the interaction between users and service delivery systems, service security is based on mutual trust between them. The user terminal can access the service providing system simultaneously through a different access network. When the authentication information of the only legitimate user is illegally stolen by another person, the service providing system cannot distinguish whether the object to be accessed is a legitimate user. As a result, there is a security issue for the mutual authentication system of authentication between the user terminal and the service wireless network access control. We proposed architecture consists of a client and a security service system installed on a trusted user node. It can make the security service system can obtain the real-time status of the mobile node. Make the system can be real-time understanding of mobile node failure or abnormal state, which can terminate the service for the node.
And this paper is building the modeling method to analysis and comparison with safe access methods. It make the system finding a safer, more efficient access method. And we are use 802.1X authentication to improve the security of the system. And in the authentication process, the user's identity is used as a public key, so that the key management easier, and do not need to perform the key revocation of the certificate. Node are using a non-interactive computing a symmetric key, which can reduce communication overhead. Finally, after the actual operation of this test, the trust update algorithm to optimize the system to reduce the actual operation of the security threats in the environment.

Heterogeneous Network
Security issues as wireless heterogeneous network development process must pay attention to an important issue.
As the expanding range of network applications and the diversification of access methods, it make a variety of means of attack growing, security plays a vital role in all key technical issues heterogeneous networks. As in all aspects of heterogeneous network routing, authentication, billing, node cooperation, intrusion detection, there are security vulnerabilities. At present, people have carried out relevant research work on some aspects of heterogeneous network security and achieved certain results. However, due to the extremely complex nature of heterogeneous networks, the need to address the security issues is still more. The study of the mutual trust system in the system is the key to the design of the whole system architecture. The mutual trust system enables the secure service system to obtain the real-time status of the mobile node. It can make the system understand the fault or abnormal state of the mobile node. If the illegal node chooses not to send the state data to the security service system in order to hide its own abnormal state information, the mutual trust rule will be broken, and the security service system may terminate the service for the node. 2 respectively. And it corresponds to a trusted area, an untrusted area, and a controlled area in the TNC structure.

Networks
Through the modeling method [6], which can make all aspects of the system behavior in the early stages of development, is predicted, and thus easier to solve the problem. Therefore, we need to abstract the security access problem and establish the theoretical model at first. Through the model of the method to compare a variety of secure access methods to find a more secure, more efficient access method.

Heterogeneous Mobile Networks
In this paper, the network access authentication process, mainly including three levels: Access control layer, is to control access [7]. Which allows users to access, when to allow access, to allow access to where and so on. It mainly adopts the way of Web authentication and 802.1X authentication.
The authentication control layer, which is the interactive rule that controls the authentication message [8][9]. Based on the key mechanism of the service system, the user responds to the authentication requirements of the service system according to  According to its use of the key only one, both parties use this key to encrypt and decrypt the data. This requires the decryption party to know the encryption key in advance.

Symmetric encryption algorithm is characterized by open
algorithm, small computation, fast encryption, high encryption efficiency.

Trust update algorithm
Through the system in the actual operating environment for a large number of security scenes testing, the average

� � t
The system's total update frequency can be calculated by the above formula: In this paper, the network security threats are simply divided into three types: warnings, errors and attacks. The threat frequency is expressed as � . Here y = 1, 2, 3, which representing the three threat levels. The resulting attack frequency function is g(�㌳.
The replacement period T of the system can be calculated and the following equation is satisfied:

Simulation Experiment
The research group will build a heterogeneous mobile network platform based on NS2. And we using the MATLAB simulation platform to attack the system, the success rate of access, bit error rate and other parameters to simulate. By comparing the data with the traditional system and the literature [14], we can verify the anti-attack effect, the success rate and the data fidelity ability of the algorithm. system against attacks graph data, we can see that the system can effectively detect and block these network attacks. It can guarantee the safety of the system, and each group of anti-attack success rate of more than 75%. Figure 6. System access success rate change data curve By observing the data rate of the success rate is not difficult to find that The success rate of its authorized users to access gradually become smaller with the system of malicious users continue to increase. But compared with the traditional algorithm, we can that success rate of this algorithm is always guaranteed to be above the traditional algorithm data curve.
Article System Access success rate gradually stabilized with the gradual increase of malicious users. It can effectively prove the stability of the system.
In order to better verify the accuracy of the algorithm. We compare the error rate between the algorithms in the equalizer in the same environment. The data is shown below. than this algorithm. Therefore, it can be proved that the algorithm has high accuracy.

Conclusion
This article proposed a system architecture based on mutual trust system. The service is terminated for the node by detecting the fault or abnormal state of the mobile node in real time. In the process of system authentication using 802.1X authentication to improve the security of the system. And it combines the actual running test data to optimize the trust update algorithm. It will be reduce the actual operational security threats in the environment. The experimental results show that the experimental results are in accordance with the expected results by testing the system's anti -attack, the success rate of access and the bit error rate. It shows a good anti-jamming capability with data fidelity. And it can effectively reduce the risk of user data leakage, with a certain practical value.