摘要
文章论述的基于策略框架的防火墙安全管理平台是一种信息模型统一的、独立于具体硬件的分布式软件平台,采用Policy工作组的策略框架实现XML统一描述和目录服务器统一存储防火墙策略,采用SNMP-Conf工作组的策略框架实现防火墙策略的翻译和配置,利用SNMPv3、LDAP+IPsec、HTTP+SSL达到策略的安全分发、安全访问和网页保护,并提出用策略数据的XML结构与SNMP结构相互转换来达到安全分发.
The Firewall Security Management Flatform based on policy framework discussed by the paper is unifying information model and hardware-independent distributed software platform. It adopts frame work of Policy WG to unify describing firewall policy with XML and saving it with directory server, framework of SNMPConf WG to achive to translating and configuring firewall policy,adopts SNMPv3, LDAP + IPsec, HTTP + SSL to attain secure sending policy, secure accessing policy and protecting web page. It also implements a mutual transformation method between XML and SNMP.
出处
《河南教育学院学报(自然科学版)》
2008年第2期47-50,共4页
Journal of Henan Institute of Education(Natural Science Edition)
