基于C/S/S+B/W/S/S混合模型安全系统的分析与设计

Analysis and Design of Security System Based on C/S/S and B/W/S/S Integrative Modeling

随着信息系统规模的不断扩大和互联网技术的发展,多层体系结构B/W/S/S,C/S/S应运而生,在综合分析了B/W/S/S结构和C/S/S结构的基础上,以C/S/S结构为系统管理核心,由网络管理服务集、网络管理协议平台组成了一种B/W/S/S,C/S/S混合结构信息系统模式。为解决该混合结构信息系统的安全性问题,笔者提出了将防火墙和强用户认证机制相结合的方案。由于防火墙的主要防范目标是来自于外部网络的攻击,对于自己内部网络却基本上不采取什么安全措施。当内网用户远程登录系统时,通过强身份认证系统进行有效的身份验证,可以补充防火墙在安全防范方面的不足,有效地保障了网络信息系统的安全性。

With the continued expansion of the scale of information systems and the development of Intemet technology, the multi-level system structure B/W/S/S, C/S/S arises at the right moment. On the basis of the comprehensive analysis of C/S/S and B/W/S/S structures, a new integrative modeling of C/S/S and B/W/S/S is designed, in which the C/S/S structure is taken as the core of the integration architecture, and the network management service collection and the network management agreement platform as the B/W/S/S, C/S/S mixed structure of information system model. In order to solve the security of mixed structure infomation system, a protocol integrating firewall with strong user authentication mechanism is proposed. Since the firewall mainly withstands the attacks coming from the exterior network, it does not take any security measure from the interior network. However, the strong authentication system may process the effective identification authentication, and supplement the insufficiency of firewall in the safe guard aspect to effectively safeguard the security of information system.