摘要
提出了一种基于协议重构的内外网逻辑隔离新方法,通过重构现有公共通信协议,形成专有协议,实现内网专有用户与公共用户隔离。在内网中,公共用户能访问外网,而专有用户与外网"逻辑隔离"。相对于物理隔离方法,这种方法在保证内网安全性能的前提下,满足了内网用户对外信息的需求,提高了信息交流的灵活度;相对于传统协议隔离方法,这种方法投入小、技术风险低,实用性更强。
The internet protocols are reconstructed to form private ones due to structure comparability. Then a novel network logic isolation system is designed based on the re-constructed private protocols. These private protocols are used to realize the network isolation among different security class systems. In inner networks, public users are able to link to the internet, but private users are rejected to send or accept the outer information. Compared with physical isolations, the logic isolation method can present internet servers for inner pubic users, and help information communion and improve the high expandability of the system. Moreover the applied method is cheaper and less risky than traditional logical isolation protocols.
出处
《中国电子科学研究院学报》
2014年第3期319-324,共6页
Journal of China Academy of Electronics and Information Technology
基金
总装预研基金(9140A040413DZ 3800001)
关键词
网络逻辑隔离
协议重构
TCP
IP协议
network logic isolation
re-constructed protocols
TCP/IP protocol
