摘要
MPLS VPN技术能够满足电子政务中隔离业务流的安全要求,对数据流进行流量管理,实现QoS保证,但它采用明文传输方式容易导致泄密,而IPSec采用加密、认证等安全技术,能够保证MPLS VPN传输中的数据安全性。文中通过对常见实施方法进行分析对比,提出了一种把IPSec融入MPLS内外标签封装过程的方法,利用IPSec的安全可靠及MPLS的高速交换、QoS保证的优点,提供安全、高效、透明的电子政务VPN服务,并给出了实施过程。
MPLS VPN can meet E-government security requirements,including data-flow isolation,traffic control and QoS Assurance,but the plain-text transmission of data is could easily cause secrets leakage. IPSec with certification and encryption technologies can ensure the data safety in MPLS VPN transmission and improve the security of E-government. Based on discussion and analysis on certain implementations,a method to merge IPSec into inside and outside labels encapsulations of MPL. With the advantages of IPSec's high security and reliability,MPLS's high speed switching and QoS guarantee,a secure,transparent and efficient E-government VPN service could be provided. The specific implementation is also seven in this paper.
出处
《信息安全与通信保密》
2011年第11期57-59,62,共4页
Information Security and Communications Privacy
