摘要
针对电路级网关的SOCKSv5协议及其特点 ,利用其灵活的协议协商阶段 ,对SOCKSv5的标准协议进行扩展 ,在SOCKS的协商阶段实现对工作在其他网络层次的安全协议的安全环境的建立 ,从而实现对工作在不同层次的网络安全协议的统一、单点的管理。利用SOCKS化客户端软件 ,向SOCKS服务器提供客户所请求的应用协议、命令等信息 ,从而实现高细粒度控制。利用SOCKSv5协议及在其上的扩展 ,构建网络边界安全框架 ,具有功能强大、可扩展性强、管理策略统一。
This thesis describes the characteristics of the circuit level gateway SOCKSv5. By using its flexible negotiation for the authentication and encryption method, the SOCKSv5 standard protocol is expended. Also, the security association for other security protocols in different layers of network stack is established during the negotiation of SOCKS. Consequently, uniform and sole manager for security protocols is implemented. By providing requested information by SOCKS client to SOCKS server relying on SOCKSified client softwrae - application protocol and command, for example. It then consequently implements the detailed control. Using SOCKSv5 and expanding on it can establisha security framework of network border. It has characteristics which are strong function, easy flexiblieness, uniform manager policy, and detailed control.
出处
《计算机应用》
CSCD
北大核心
2002年第6期20-22,共3页
journal of Computer Applications
基金
"973"规划项目(035801)