中文摘要：

民航无线宽带专网CAWN是大型机场运行业务数据的通信手段。CAWN的接入认证及其数据传输的安全性涉及到航空机场的安全运行和乘客的个人隐私等。文章在研究了大型航空机场无线覆盖的网络结构和安全性要求的基础上，提出了基于IPSec的CAWN接入认证和数据传输安全机制的方案．根据国内某机场的CAWN组网方式搭建了实验系统，验证了IPSec的接入认证功能，并对系统的功能和性能进行了测试。实验结果表明加载了IPSec模块的系统能够实现接入认证功能和保障数据传输的安全性，且总体网络性能指标稳定；虽然网络吞吐量略有减小，以及网络延时略有增加，但是能够满足航空机场网络通信的要求。

英文摘要：

CAWN is the primary communication method for wireless broadband data transmission in large airports. The access authentication and production data transmission security affect the civil airport safety and passengers＇ personal privacy. By researching the network structure and safety requirements of large civil airport wireless coverage, the program for CAWN access authentication and data transfer security mechanism which is based on the IPSec, is proposed. On the basis of the networking of a domestic airport＇s CAWN, an experiment system was established to verify the access authentication function of IPSec and test the function and performance of the system. The result shows that with the IPSec module loaded, the system can realize the function of access authentication and guarantee the safety of the data transmission, while the performance is stable. Though the network throughput decreases and network delay increases a bit, the system can meet the requirement of civil airport＇s network communication.