摘要
针对传统网络访问控制系统在灵活性以及扩展性方面的不足,设计和实现一种支持检查项灵活扩展的网络访问控制系统。该系统分析和列出了检查实施操作所依赖的各种特征要素,安全管理员可基于这些特征要素进行检查项的定制,并基于所定制的检查项设置相应的访问控制规则。测试结果表明该系统仅通过界面配置即可实现对新检查项的支持。
Traditional network access control systems lack flexibility and extensibility in checking network packets, and thus a network access control system with flexible check mechanism is designed. The characteristic factors of the access control system is analyzed and listed, and based on which system security managers could customize the check items and then establish access control rules. The test results show that the system is flexible with new check items through GUI configuration.
出处
《信息安全与通信保密》
2009年第11期103-104,108,共3页
Information Security and Communications Privacy
基金
国家863项目资助(基金号:2007AA01Z457)
国家大学生创新性实验计划项目资助(基金号:ITP028)
关键词
网络安全
访问控制
检查项定制
可扩展性
network security
access control
check item customization
flexibility
