摘要
随着云计算、容器技术、软件定义网络等新技术不断发展,带来了一系列新的安全挑战,如身份验证,访问控制,数据隐私和数据完整性等。软件定义边界SDP的提出为网络安全模型提供了一种新的解决思路,该模型与VPN最大的区别在于需要先验证用户身份并验证设备才能建立连接。简要描述SDP体系结构,关键技术及应用场景,并对相关产品进行简单对比,结果表明SDP作为一种安全模型可以动态保护访问安全。
With the continuous development of cloud computing,container technology,software-defi ned network and other new technologies,it brings a series of new security challenges,such as authentication,access control,data privacy and data integrity.The proposal of software defi ned perimeter SDP provides a new solution for network security model.The biggest difference between this model and VPN is that users'identity and devices need to be verifi ed before connection can be established.This paper briefl y describes the architecture,key technologies and application scenarios of SDP,and makes a simple comparison of related products.The results show that SDP as a security model can dynamically protect access security.
作者
潘吴斌
任国强
PAN Wubin;REN Guoqiang(Jiangsu Tianchuang Technology Co.,Ltd.,Suzhou 21500,China)
出处
《数字通信世界》
2021年第3期192-195,共4页
Digital Communication World
关键词
网络安全
软件定义边界
SDP
零信任
安全模型
network security
software defi ned perimeter
SDP
zero trust
security model
