Authors: 陈磊 (CHEN Lei); 成亮 (CHENG Liang) (Shanwei Public Security Bureau, Shanwei, Guangdong 516600, China)
Affiliation: [1] Shanwei Public Security Bureau, Shanwei, Guangdong 516600
Source: 《信息安全与通信保密》 (Information Security and Communications Privacy), 2022, No. 12, pp. 39-47, 9 pages
Abstract: With the advent of the era of IoT (Internet of Things), the terminals of the public security video private network are showing a trend of various types, huge numbers, scattered deployment and inconsistent security attributes. In order to realize the terminal access mechanism of "illegal access is not allowed, and allowed access must be legal", and aiming at the security requirements of the video private network, this paper studies access control technology based on a hybrid access strategy and illegal outreach blocking, and designs and implements the access service function without affecting the existing network topology. The system identifies and controls the various IT assets distributed in the network and has a variety of access technologies, such as dynamic host configuration protocol access control, address resolution protocol access control and 7-layer traffic access control, to ensure compliant network access to the video private network. It checks for unauthorized devices privately connecting to the video private network and blocks them effectively to ensure the security of the internal network. Compared with a zero-trust security system, this scheme is simpler and more reliable.
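Keywords: access strategy; violation blocking; dynamic host configuration protocol; address resolution protocol; 7-layer traffic
Classification number: TP309.2 [Automation and Computer Technology: Computer System Architecture]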