摘要
在深入分析融合泛在网功能和特征的基础上,通过增加安全接入网关和虚拟重构安全控制服务器(简称安全控制服务器)两类主要的功能实体构成协同防护的硬件体系,同时通过策略订阅实现协同防护的软件逻辑体系,并采用基于证据投影分解方法的证据理论实现安全态势评估,从而实现在融合泛在网中各种末梢网络均可通过安全接入网关,利用现有的各种异构接入网络安全接入到位于IP核心网的安全服务平台,也可将安全服务命令和数据发送到末梢节点。
With the in-depth analysis on the functions and features of fusion ubiquitous network, the hardware system for collaborative protection described in this paper was implemented by adding two kinds of function entities namely fu- sion security access gateway and virtual reconstruction security control server (security control server). Meanwhile, the software logical system was implemented by policy subscription. Additionally, an evidence projection decomposition method was used on evidence combination,which provides a security situation analysis method. Thus, in fusion ubiqui- tous network,various peripheral networks could use existing heterogeneous access network to access the security ser- vice platform in the IP core network by security access gateway. Meanwhile, the command and data of security service can he sent to peripheral nodes in the other direction.
出处
《计算机科学》
CSCD
北大核心
2017年第5期100-104,131,共6页
Computer Science
基金
国家自然科学基金项目(61272419)资助
关键词
融合泛在网
安全接入网关
安全控制服务器
态势评估
Fusion ubiquitous network,Security access gateway, Security control server, Situation analysis
