一种可信任的网络安全模型

A TRUSTABLE NETWORK SECURITY MODEL

下载PDF

导出

摘要随着网络的高速发展,其数据传输的安全性成为网络研究的热点。本文从系统结构的角度出发,提出了一种可以对系统传输的数据流提供保护的可信任的网络安全模型。该模型不仅提供了一种可信任的、可扩展的分层式Internet身份认证机制(分层式公钥分配架构);而且还提供一种动态检测机制来确认对方的活性,从而避免了无效数据的传输;模型还通过在网络层与链路层之间嵌入一个安全模块来实现对数据的安全处理。实验结果表明,该模型具有很强的安全性和有效性。 With the rapid development of network, most research is focused on the security of data in the Intemet. This paper presents a novel trustable model of network security that can protect the data stream transferred in the network. In this model, we not only bring forward a trustable extensible identification strategy that is a hierarchy, but also provide a dynamically detecting method to verify the liveliness of opposite peer that can avoid the network congestion. A secure layer that implements the encapsulation the data is inserted between the network layer and the link one. The experimental results show that our model can work very well.

作者张峰叶澄清

机构地区浙江大学计算机学院

出处《计算机应用与软件》 CSCD 北大核心 2005年第11期108-111,130,共5页 Computer Applications and Software

关键词网络安全模型数据传输系统结构信任度安全模块身份认证机制分配架构 Network security Liveliness IP security protocol Trusty Security module

分类号 TP393.08 [自动化与计算机技术—计算机应用技术]

引文网络
相关文献

参考文献14

1Diffie W.Hellman M.,New Directions in Cryptography,IEEE Transactions on Information Theory,Nov.1976,Vol.IT-22,pp.644～654.
2R.Housley,W.Ford,W.Polk,D.Solo,Internet X.509 Public Key Infrastructure Certificate and CRL Profile.RFC 2459,January 1999.
3Chokhani S.,Towards a national public key infrastructure,IEEE Communication Magzine,1994,32(9):70～75.
4Harkins D.Carrel D.,The Internet Key Exchange(IKE).RFC 2409,November 1998.
5Kent S.Atkison R.,Security Architecture for the Internet Protocol,RFC2401,November 1998.
6Maughan D.Schertler M.et al.,Internet Security Association and Key Management Protocol(ISAKMP),RFC 2408,November 1998.
7Rivest R.,The MD5 Message-Digest Algorithm.RFC 1321,April 1992.
8National Institute of Standards and Technology,U.S.Department of Commerce.Secure Hash Standard.document FIPS-180-1,April 1995.
9Krawczy H.Bellare M.Canetti R.,HAMC:Keyed-Hashing for Message Authentication.RFC 2104,February 1997.
10Kent S.Atkison R.,IP Authentication Header.RFC 2402,November 1998.

二级参考文献8

1FERGUSON P, HUSTON G. What is a VPN? [DB/OL]. http://www.employees.org:80/-ferguson/vpn.pdf, April 1998.
2KENT S, ATKISON R. Security Architecture for the Intemet Protocol[S]. RFC 2401, November 1998.
3HARKINS D, CARREL D. The Intemet Key Exchange(IKE)[S]. RFC 2409, November 1998.
4WAHL M, KILLE S, HOWES T. Lightweight Directory Access Protocol(v3)[S]. RFC 2251, December 1997.
5Microsoft Corporation. Microsoft Windows driver development kits[DB/OL].http://www.microsoft.com/ddk/.
6KENT S, ATKINSON R. IP Encapsulating Security Payload[S]. RFC 2406, November 1998.
7KENT S, ATKINSON R. IP Authentication Header[S]. RFC 2402, November 1998.
8赵阿群,吉逸,顾冠群.支持VPN的隧道技术研究[J].通信学报,2000,21(6):85-91. 被引量：29

1颜重光.便携产品电源芯片的应用技术[J].电子设计应用,2006(1):102-104. 被引量：5
2李军政.一种优化的无线资源分配架构和算法[J].科技通报,2012,28(10):137-139.
3梁根,俞鹤伟,叶奇明,王哲.多QoS参数约束切换动态带宽分配算法[J].小型微型计算机系统,2014,35(11):2464-2468.
4QuickLogic的RGB分离技术致能新一代折迭式平板装置和智能型手机[J].电子与电脑,2011(7):80-80.
5孙晓蓉,王育民.计算机分布式环境中的认证与密钥分配研究[J].计算机学报,1999,22(6):577-581. 被引量：7

计算机应用与软件

2005年第11期

浏览历史

内容加载中请稍等...

一种可信任的网络安全模型

参考文献14

二级参考文献8

相关作者

相关机构

相关主题

浏览历史