摘要
VPN技术是解决网络安全问题的一条有效途径·在分析了VPN技术的特点和IPSec规范原理的基础之上 ,提出了一种VPN系统设计模型·不同于一般VPN系统模型 ,该模型考虑了群组通讯和QoS的需求·着重讨论了具体实现中的Linux内核重构、密钥更新、基于策略的信息过滤以及QoS控制等关键技术·VPN产品能否被广泛接受主要取决于以下两点 :一是VPN方案能否以线路速度进行加密 ,否则将会产生瓶颈 ;二是能否调度和引导VPN的数据流到网络上的不同管理域·
VPN technology is one efficient way to solve network security problem. A kind of VPN model based on the analysis of VPN's character and the principle of IPSec specification was presented. The request of group communication and QoS were considered. Some key technology such as Linux kernel reorganization, key refreshment, information filter based on policy and QoS control etc were discussed. That VPN products can be accepted widely or not lies on two factors: ①VPN product can be encrypted in line speed or not; ②Data stream of VPN can be led to different management domain of network or not.
出处
《东北大学学报(自然科学版)》
EI
CAS
CSCD
北大核心
2000年第2期136-139,共4页
Journal of Northeastern University(Natural Science)
基金
国家"八六三"高技术计划资助项目! ( 863 -3 0 6-ZT0 5 -0 5 -5 )