中国科学院软件研究所机构知识库
Advanced  
ISCAS OpenIR  > 中科院软件所  > 中科院软件所
题名:
防火墙系统及其分布式应用的研究
作者: 张磊
答辩日期: 2000
专业: 计算机应用技术
授予单位: 中国科学院软件研究所
授予地点: 中国科学院软件研究所
学位: 博士
关键词: 防火墙 ; 包过滤 ; 代理 ; 混合型防火墙 ; 分布式
摘要: 随着计算机网络,特别是近年来Internet的飞速发展,各公司面临的最大问题就是如何用一种有效的安全解决方案来保护网络及信息系统不受攻击。在众多的方案中,防火墙是安全解决策略的关键部分。防火墙是一类安全防范措施的总称,它是在两个网络之间强制实施访问控制策略的一个系统或一组系统。本文主要是针对有关防火墙的技术和防火墙应用的模型、设计和实现进行研究,研究重点主要有两个方面。一方面是研究在构造防火墙系统时所用的防火墙的参考模型以及防火墙的设计和实现技术。通过对各种防火墙技术和防火墙体系结构的分类比较,使读者对防火墙技术有一个整体的理解。对明确防火墙相关概念和选择使用防火墙上具有指导意义。同时,介绍了一个利用多种防火墙新技术的混合型防火墙系统的设计和实现过程。在这里介绍的一些技术细节和实现策略可以为今后的防火墙构造提供借鉴。另一个方面就是针对一个具体的防火墙的分布式应用,提出了一个基于Agent的防火墙分布式应用,提出了一个基于Agent的防火墙分布式应用模型结构,拼且提出了一个简单的体系结构定义语言(ADL)来对该模型进行描述。这个模型结构为我们分布式应用的防火墙系统提供了一个灵活的通用框架,它不仅可以使系统更具有灵活性和可扩展性,也使得软件Agent可以方便的重用现有软件资源。这个基于Agent的模型结构不仅是针对防火墙或网络安全领域的,而且适用于其它利用软件工程方法的领域和系统,对所有基于Agent的应用都具有指导作用。通过这样的系统模型,可以增强系统的用户化和增加新功能。另外,我们提出的简单ADL也适用于所有基于部件的分布式系统中。
英文摘要: Recently, with computer network and Internet increasing rapidly, its have changed forever the way of corporations, enterprises, and organizations communicating. But the vital problem that they mustface is how to protect their network and information system against attack by setting an effective network security solution. In all of this solution, firewall is one of the important parts. Firewall is a type of network security measure. A firewall is a system or group of systems that enforces an access control policy between two networks. In the dissertation, we study on the modeling, design, and implementation of firewall technologies and firewall application. There are two part in the dissertation. On the one hand, we study deeply in the model, design, and implement of building firewall system. By the comparing and classifying the all types of firewall technology, we present a whole concept of firewall technology to reader. It is the good guide to choice and building firewall system. In additional, we illustrate a process of designing and implementing a prototype firewall system, We have used several types new technologies in firewall field to build this firewall system. All of the detail of technologies and implementing strategies are a good example to building firewall system in future. On the other hand, we illustrate an actual system that is protected by distributed firewall systems. According to the system requirement, we introduce an Agent-base module. And then, we introduce a sample ADL that define the system models. This Agent-base module provides a flexible architecture for the distributed firewall system. Running in this architecture, the firewalls are not only enhanced the flexible and expandable of application but also allowed to reuse the legacy software easily. The agent-base module is not only used in firewall and network security domain, but also used in other domains and systems that applying the method of software engineering to build systems. A system is built in this agent-base module. It is very easy to add new system functions add reconfigure the system running environment by customer's requirements. In additional, the ADL that we have introduced in the dissertation can be applied in all of component-base distributed system.
语种: 中文
内容类型: 学位论文
URI标识: http://ir.iscas.ac.cn/handle/311060/5772
Appears in Collections:中科院软件所

Files in This Item:
File Name/ File Size Content Type Version Access License
LW002980.pdf(1709KB)----限制开放-- 联系获取全文

Recommended Citation:
张磊. 防火墙系统及其分布式应用的研究[D]. 中国科学院软件研究所. 中国科学院软件研究所. 2000-01-01.
Service
Recommend this item
Sava as my favorate item
Show this item's statistics
Export Endnote File
Google Scholar
Similar articles in Google Scholar
[张磊]'s Articles
CSDL cross search
Similar articles in CSDL Cross Search
[张磊]‘s Articles
Related Copyright Policies
Null
Social Bookmarking
Add to CiteULike Add to Connotea Add to Del.icio.us Add to Digg Add to Reddit
所有评论 (0)
暂无评论
 
评注功能仅针对注册用户开放,请您登录
您对该条目有什么异议,请填写以下表单,管理员会尽快联系您。
内 容:
Email:  *
单位:
验证码:   刷新
您在IR的使用过程中有什么好的想法或者建议可以反馈给我们。
标 题:
 *
内 容:
Email:  *
验证码:   刷新

Items in IR are protected by copyright, with all rights reserved, unless otherwise indicated.

 

 

Valid XHTML 1.0!
Copyright © 2007-2017  中国科学院软件研究所 - Feedback
Powered by CSpace