摘要
Linux操作系统以网络功能强大、高效等特点已得到广泛的应用。针对Linux对内部用户访问控制存在的缺陷 ,在其内核IPChains的基础上 ,充分利用应用层身份认证方式与网络层IP地址认证方式的优点 ,根据用户的身份设定访问策略 ,使整个访问控制的最终实现仍在网络层 ,保持了系统运行的高效性 ,并对系统设计思想和实现过程进行了详细的讨论。
Linux has been used widely today. In this paper, a new method is introduced to implement user access control based on IPChains. The combination of ″Challenge/Response″ authentication and dynamic adding access rules according to user is adopted to implement user access control. The method can effectively solve the existing defects of user access control in traditional Packet Filtering Firewall, and discusses the key technologies of implementation.
出处
《计算机应用研究》
CSCD
北大核心
2002年第7期132-134,共3页
Application Research of Computers
基金
国家自然科学基金重点项目 (70 0 310 2 0 )
