Study and Implementation on the Security Database of High Speed Boundary Router

Authors: Rong Ni (荣霓)[1], Han Zhiwen (韩智文)[1], Gong Zhenghu (龚正虎)[1]

Affiliation: [1] School of Computer Science, National University of Defense Technology, Changsha 410073

Source: Computer Science (《计算机科学》), 2004, No. 10, pp. 150-154 (5 pages)

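Abstract: With the development of computer network technology, the security of core network devices has become a research focus. A high-speed boundary router is the high-speed access device between the backbone network and the Internet/intranet, and is of great importance in network security research. Security database management in a high-speed boundary router comprises the management of security policies and the management of security associations; its soundness and efficiency are important factors constraining the system performance of the router. At present, security database systems generally adopt a centralized architecture to manage security policy and security association data, which has considerable shortcomings in system parallelism, flexibility and access efficiency. Distributed management, for its part, cannot meet the design requirements of a high-speed boundary router, because the problem of maintaining consistency among the distributed subsystems is greatly amplified in such a router. Based on the ForCES protocol framework, this paper proposes CeDita, an architecture for high-speed boundary routers, and analyzes in detail the characteristics of SDM, a hybrid management model for the security database built on that architecture. The model combines the unified view and simple operation of centralized management with the local access of distributed management. It offers strong parallelism, scalability and efficiency, and is an efficient database management model suited to implementation in routers.

As network security systems are applied in an ever wider range of critical domains, the requirement for high reliability and high availability of these systems becomes more and more urgent, which has led to the emergence of routers executing security protocols (i.e., IPSec) and to the tendency to use these routers as the boundary equipment between the backbone and the Intranet/Internet. The security database management of these routers includes the management of the security policies and the security associations of the routers. The complexity of this management requires a flexible, scalable and efficient architecture. A centralized architecture cannot meet this challenge because of its long access time and poor parallelism. Nor can a distributed architecture, because the management of the security database is too complex to maintain consistency between the multiple executors. This paper proposes an architecture called CeDita in the framework of ForCES, and analyzes the hybrid architecture of the security database management, which maintains a short access time and keeps the system flexible and scalable. Furthermore, detailed studies on the key implementation technologies of this architecture are presented in the paper as well.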

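Keywords: high speed; security policy; boundary router; parallelism; architecture; access efficiency; consistency maintenance; security association; access device; CES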

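Classification: TP393 [Automation and Computer Technology: Computer Application Technology]; TN915 [Automation and Computer Technology: Computer Science and Technology]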

 
