摘要
《计算机信息系统安全保护等级划分准则》是我国计算机安全产品和系统必须遵循的标准,而CC是一个新的国际性通用标准,设计一个满足CC标准的网络安全产品或系统,目前国内还没有借鉴之处。文章对国际国内的安全标准现状进行了分析比较,研究了将我国的计算机信息系统安全保护等级的要求用CC标准来描述的问题,并对基于IPSEC的VPN的安全功能要求的实现进行了研究。
The China Classified Criteria for Security is a rule that each security IT products or systems must follow.The Common Criteria(CC)is a newly adopted international standard that is mutually recognized in a global IT market.There are no examples in the country for designing an IT security product or system that has been validated against the CC.In this paper,the current international and national IT security standards are analyzed and compared,and the descrip-tion of the security policy of classified protection in the form of CC security functional requirement components are studied.At the end,it discusses the implementation of the security functional requirement of VPN based on IPSec.
出处
《计算机工程与应用》
CSCD
北大核心
2003年第16期156-158,共3页
Computer Engineering and Applications
基金
国家自然科学基金资助项目(编号:70071022)
关键词
安全构件
安全功能要求
安全标准评估
IPSEC协议套件
Security components,Security function requirements,Security standard evaluations,A set of IPSEC protocols
