主动安全网络架构的协议族  

作　　者：刘建兵 王振欣 赵振学 邱成军 Liu Jianbing;Wang Zhenxin;Zhao Zhenxue;Qiu Chengjun(Beijing VRV Software Corporation Limited,Beijing 100195;Northwest Sales Company of Petroleum China,Lanzhou 730060;Beibu Gulf University,Qinzhou,Guangxi 535000)

机构地区：[1]北京北信源软件股份有限公司,北京100195 [2]中国石油西北销售公司,兰州730060 [3]北部湾大学,广西钦州535000

出　　处：《信息安全研究》2021年第9期802-809,共8页Journal of Information Security Research

摘　　要：这是主动安全网络架构系列文章的第3篇.介绍了主动安全网络架构的协议族•在传统TCP/IP基础上,主动安全网络架构补充了和安全相关的一族协议,以此实现相关的网络安全能力.主动安全网络架构的IPK密钥平台、认证客户端、边界认证机、管理控制服务器相互配合,实现架构的整体安全稳定运行•架构运行过程中的终端认证、边界认证机注册认证、终端认证信息上报、终端安全策略下发、第三方平台信息上报和策略交互等安全业务分别由接入认证协议、管理控制协议、业务交互协议、开放集成协议和信任互联协议支撑.主动安全架构的支撑协议中普遍应用了国密技术,增强了安全强度,确保了业务运行的安全性.This is the third article in a series of articles on active safety network architecture,which introduces the protocol family o£active safety network architecture.On the basis of traditional TCP/IP>the active security network architecture supplements a family of security-related protocols to achieve related network security capabilities.The IPK key platform,authentication client,border authentication machine and management control server of the active secure network architecture cooperate with each other to achieve the overall safe and stable operation of the architecture.During the operation of the architecture,security services such as terminal authentication,border authentication machine registration and authentication,terminal authentication information reporting,terminal security policy issuance,third-party platform information reporting and policy interaction are respectively supported by the access authentication protocol,management control protocol,business interaction protocol,open integration protocol and trust interconnection protocol.The national secret technology is widely used in the supporting protocols of the active security architecture,which enhances the security strength and ensures the security of business operations.

关 键 词：接入认证 管理控制 业务交互 开放集成 信任互联 

分 类 号：TP393.1[自动化与计算机技术—计算机应用技术] TP393.2[自动化与计算机技术—计算机科学与技术]