摘要
面向工业控制网络环境的高安全级别信息系统网络,结合物理网闸和虚拟防火墙的思想,提出一种基于Xen共享内存的高效虚拟化多级网络安全互联机制,依照信息系统安全需求与不同的应用业务需求,企业可以使用不同安全策略的虚拟机模版,利用虚拟机间共享内存机制模拟物理网闸的专用传输介质,从而提升安全隔离性能,并能够保证较高的安全性。为网闸的发展提供了新的思路。
For high security level information system,such as industrial control environment draws from GAP and virtual firewall,a newmultilevel interconnection network security mechanism based on Xen shared memory technology was proposed. According to the security needs of information systems and different business needs,enterprises could apply different VM templates which had their own security policies,and shared memory was used to simulate the dedicated transmission medium of GAP to enhance the performance of security isolation with high security,which provided a newidea for the development of GAP.
出处
《山东大学学报(理学版)》
CAS
CSCD
北大核心
2016年第3期98-103,110,共7页
Journal of Shandong University(Natural Science)
基金
高等学校博士学科点专项科研基金(20131103120001)
关键词
工业控制网络
多级网络安全互联
网闸
Xen共享内存
流量过滤
industrial control network
multistage interconnection network security
GAP
Xen shared memory
traffic filtering
