摘要
分析了因特网中的网络级安全问题。提出了两种网络级安全系统的设计途径。一种是在现有IP协议的基础上建立分组过滤路由器和代理AK务器结合的防火墙系统。另一种是在扩展的IP安全协议基础上建立穿越因特网的VPN安全系统。分别分析了其系统原理和设计原则。
The security problems of the Internet at network layer are analyzed. Two kinds of design approach of security system at network layer are proposed. One, which is based on the cur- rent IP protocol, is to establish firewalls combined with IP packet - filter routers and proxy servers. The other, which is based on the extended IP security protocols, is to establish security systems of VPNs through the Internet. Their system theories and design principles are discussed respectively.
出处
《通信技术》
2000年第2期10-13,共4页
Communications Technology
关键词
安全系统
防火墙
互连网
安全协议
network security, firewall, Internet security protocol, virtual private network
