检索规则说明:AND代表“并且”;OR代表“或者”;NOT代表“不包含”;(注意必须大写,运算符两边需空一格)
检 索 范 例 :范例一: (K=图书馆学 OR K=情报学) AND A=范并思 范例二:J=计算机应用与软件 AND (U=C++ OR U=Basic) NOT M=Visual
机构地区:[1]东北大学计算机软件国家工程研究中心,辽宁沈阳110006
出 处:《软件学报》2002年第3期376-381,共6页Journal of Software
基 金:国家863高科技发展计划资助项目(863-306-ZT05-05-5)~~
摘 要:常用的网络安全技术有防火墙、VPN(virtual private network)和NAT(network address translation)等,它们的作用各异.但现有的一些网络安全系统未能将上述技术有机地加以结合,不能很好地兼顾系统执行效率,对系统内部缺乏细粒度的安全管理.针对上述问题,提出了一种集成的可伸缩的网络安全系统——NEUSec(NEUsoft security system),它在Linux环境下将包过滤防火墙、VPN和NAT技术有机地融合在一起,结合NAT和代理服务技术组成了可伸缩的虚拟代理服务器,提出了基于改进型Radix树的安全策略查找机制,采用RBAC(role-based access control)技术解决了系统内部安全管理的问题.与其他安全系统相比,NEUSec是一个较为全面的、可伸缩的、兼顾效率的网络安全系统,在实际应用中取得了较好的效果.Firewall, VPN (virtual private network) and NAT (network address translation) are traditional network security technologies and each has different function. But some network security systems cannot combine these technologies, cannot give attention to efficiency of system, and scarce of fine-granularity inner security management. In order to solve these problems, an integrated and scalable network security system, NEUSec (NEUsoft security system), is presented in this paper, which integrates packet-filter, VPN and NAT technologies under Linux environment, combines NAT and proxy technologies to construct scalable virtual proxy server, the radix-based security policy search mechanism is presented, and the RBAC (role-based access control) technology is introduced to solve inner security management. Compared with other security systems, NEUSec is an all-around and scalable security system and gives an attention to efficiency. It has achieved a satisfactory result in practice.
分 类 号:TP393.08[自动化与计算机技术—计算机应用技术]
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在链接到云南高校图书馆文献保障联盟下载...
云南高校图书馆联盟文献共享服务平台 版权所有©
您的IP:216.73.216.3
