期刊文献+

基于分层动态地址的访问控制方案设计

Accessibility privacy enforcement with hierarchical address dynamics
原文传递
导出
摘要 提出了基于IPv6的分层动态地址访问控制系统Hardy的设计原型.Hardy在不影响IPv6地址前缀路由功能的前提下,将地址的后缀部分设置为可动态改变的身份地址.分层网络中的子节点将会从父节点继承部分身份地址加入到自己的地址中作为后缀.同时,父节点将获知子节点的身份地址并据其对通往子节点的流量进行过滤.主机或网络节点通过定期改变自己的身份地址并通知父节点修改过滤规则,来阻止曾经获取其合法地址的恶意用户对其进行进一步访问.身份地址可以通过终端主动访问的方式告知对端,或通过平台发布供授权得到验证的对端获取. The designing prototype of an IPv6-based hierarchical dynamical addressing system named Hardy was proposed.Hardy imposed the IPv6 address suffix as a dynamical identity address called IA,without affecting its routing and forwarding functionalities.The identity address(IA)of a parent node was adopted by the children nodes as the suffix for their IA.Meanwhile,a child node′s IA was acknowledged by its parent node for traffic filtering,to prevent malicious access from hosts who had obtained the obsolete IA.The up-to-date identity address can be directly notified to the other hosts by active access,or be published and retrieved by those who passed the authority verification.
作者 朱晶 刘莉莉 吴建平 Zhu Jing;Liu Lili;Wu Jianping(Department of Computer Science and Technology,Tsinghua University,Beijing 100084,China)
出处 《华中科技大学学报(自然科学版)》 EI CAS CSCD 北大核心 2016年第S1期84-88,98,共6页 Journal of Huazhong University of Science and Technology(Natural Science Edition)
基金 国家发改委CNGI资助项目(CNGI-12-03-001)
关键词 访问控制 编址模式 分层系统 过滤 拒绝访问攻击 协议 access control addressing mode hierarchical system filter denial of service attack protocol
  • 相关文献

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部