摘要
为了保证网络安全,将威胁隔离在受保护的网络之外,需要在主机接入网络以前对其进行健康状况评估,只允许符合既定安全策略的主机接入网络。针对上述问题,本文基于可信网络连接TNC技术设计并实现了一个安全接入系统,该系统可以根据指定的安全策略,对所有申请接入内网的主机进行身份验证和完整性校验,拒绝不安全的主机接入,最大限度的保证内网安全。
In order to protect network from threats of malicious software,the security state of the endpoint must be evaluated before the endpoint being granted full access to the protected network. Only the good health endpoints which satisfy network access policies can be authorized. In this paper,we will design and implement a security access control system based on TNC. The system can verifies the user's identity and integrity of endpoint by which the user request to access to protected network,thereby all the endpoints accessed to the protected network are healthy,and the security of the network can be assured.
出处
《微计算机信息》
2010年第3期74-75,118,共3页
Control & Automation
