摘要
个人防火墙位于宿主计算机和它所连接的网络之间,监视着宿主计算机上所有进入和流出的网络通信。Windows下的个人防火墙开发是商业领域的核心机密,也是核心的网络安全技术,对其研究开发具有重大价值。对市场上商用的Win-dows个人防火墙系统进行分析对比后,定义了个人防火墙系统应具备的主要功能特性,认为其核心技术是对网络数据包进行封包截获,并进一步给出了Windows系统网络协议分层体系结构。在对OSI参考模型和Windows网络协议分层体系结构对比分析的基础上推断出实现封包截获的不同技术路线,并对这些技术路线进行评估后确定了最终技术路线。
Sited between host computer and outer network, personal firewall keeps eyes on communication flowing in and out of host computer. Considered as kernel secret and core technology in network security, how to develop personal firewall system based on windows is of fundamental value. By contrast with several personal firewall systems in market use, main functional attributes are given and the chief is centered around intercepting network packets. Moreover, the architecture of Window' s network (AWN) protocol is presented. Based on comparative analysis of OSI and AWN, several solutions of intercepting network packets are presented and final technical solution is concluded after review.
出处
《计算机工程与设计》
CSCD
北大核心
2008年第21期5461-5463,共3页
Computer Engineering and Design
基金
湖北省教育厅重点基金项目(B200619001)