中国科学院软件研究所机构知识库
Advanced  
ISCAS OpenIR  > 中科院软件所  > 中科院软件所
题名:
基于IPSec协议的路由器中安全系统的研究与实现
作者: 李卿
答辩日期: 2004
专业: 计算机应用技术
授予单位: 中国科学院软件研究所
授予地点: 中国科学院软件研究所
学位: 博士
关键词: 路由器 ; 访问控制 ; 审计
其他题名: Research on and Implementation of the security environment of the Security Router with IPSec
摘要: 近年来,INTERNET得到了飞速的发展,广泛的渗入到个人和社会的各个方面,越来越多的信息需要通过取TERNET来传输,其中就包括大量的敏感、机密的信息。然而,INTERNET本身的基础设施中存在着巨大的安全隐患。所以,IPSec协议作为IP网络中的安全协议被提出来,以解决IP层的安全通信问题。基于IPSec协议的路由器的目的就是以IPSec的实现为基础,提供网络信息的安全通信。本文将根据基于IPSec协议的路由器本身以及提供的服务存在的安全隐患,分析当前的安全技术,阐述如何搭建一个在能够保证自身安全的前提下提供安全服务的基于IPSec协议的路由器的方法。基于IPSec协议的路由器的安全保障由路由器中的访问控制系统、密钥管理系统、审计系统、安全服务策略系统、智能诊断系统以及IPSec实现共同提供。本文将详细介绍针对这些系统的研究与实现。并且在访问控制方面,本文还针对现有的层次化RBAC模型中角色更改困难的问题提出了自己的角色分离的层次化曲AC模型。本文组织如下:第一章简要介绍系统安全和基于IPSec协议的路由器;第二章介绍了基于IPSec协议的路由器的安全系统框架;第三章介绍路由器中的访问控制系统;第四章介绍了路由器中的密钥管理系统;第五章介绍了路有器中的审计系统:第六章介绍了路由器中的安全服务策略系统;第七章介绍了路由器中的智能诊断系统;第八章总结了全文,并且提出了对下一步工作的展望。
英文摘要: In recent years, Internet has been experiencing rapidly growth and infiltrating into many aspects of person and society. More and more information have been transported via Internet, including a large amount of sensitive and confidential information. The infrastructure of Internet, however, has many security hidden troubles. IPSec has been proposed as the security protocol of the IP network, to provide IP security. The Router with IPSec is meant to provide security communication on the basis of the IPSec implementation. To eliminate the hidden trouble existing in the Security Router and the service it provides, the paper demonstrates a building for the security environment of the Router on the basis of comparing the state-of-the-art, which can protect the Router providing security service. The security environment of the Router with IPSec is provided by the cooperation of access control system, key management system, audit system, security service strategy system, intelligent diagnosis system and IPSec implementation. The paper will deliberately introduce the research and implementation of these systems. Besides, the paper proposes a Hierarchy RBAC Model Based on Separation of Duties to solve the difficulty of altering the roles in Hierarchy RBAC Model. The paper is organized as this: The first chapter introduces system security and the Security Router with IPSec; The second chapter introduces the security architecture of the Security Router system; The third chapter introduces the access control system of the Security Router; The fourth chapter introduces the key management system of the Security Router; The fifth chapter introduces the audit system of the Security Router; The sixth chapter introduces the security service strategy system of the Security Router; The seventh chapter introduces the intelligent diagnosis system of the Security Router; The eighth chapter gives a conclusion and indicts the future directions of the system.
语种: 中文
内容类型: 学位论文
URI标识: http://ir.iscas.ac.cn/handle/311060/5648
Appears in Collections:中科院软件所

Files in This Item:
File Name/ File Size Content Type Version Access License
LW014056.pdf(2811KB)----限制开放-- 联系获取全文

Recommended Citation:
李卿. 基于IPSec协议的路由器中安全系统的研究与实现[D]. 中国科学院软件研究所. 中国科学院软件研究所. 2004-01-01.
Service
Recommend this item
Sava as my favorate item
Show this item's statistics
Export Endnote File
Google Scholar
Similar articles in Google Scholar
[李卿]'s Articles
CSDL cross search
Similar articles in CSDL Cross Search
[李卿]‘s Articles
Related Copyright Policies
Null
Social Bookmarking
Add to CiteULike Add to Connotea Add to Del.icio.us Add to Digg Add to Reddit
所有评论 (0)
暂无评论
 
评注功能仅针对注册用户开放,请您登录
您对该条目有什么异议,请填写以下表单,管理员会尽快联系您。
内 容:
Email:  *
单位:
验证码:   刷新
您在IR的使用过程中有什么好的想法或者建议可以反馈给我们。
标 题:
 *
内 容:
Email:  *
验证码:   刷新

Items in IR are protected by copyright, with all rights reserved, unless otherwise indicated.

 

 

Valid XHTML 1.0!
Copyright © 2007-2017  中国科学院软件研究所 - Feedback
Powered by CSpace